Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

New “vibe coded” AI translation tool splits the video game preservation community

A day after that project went public, though, Hubbard was issuing an apology to many members of the Gaming Alexandria’s ...
SecurityWeek

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Storm-2561 is relying on SEO poisoning to distribute fake VPN clients that install trojans and steal users’ credentials.
The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...
Cybernews

Microsoft reveals SEO poisoning campaign that baits users into downloading fake VPN software

The malware is designed to steal the victim’s VPN login credentials. According to Microsoft, the attack uses search engine optimization (SEO) poisoning to push websites hosting the malicious VPN ...

Shopify CEO uses AI tool Claude to read his MRI scans

Tobi Lütke says he built a simple AI-powered viewer instead of installing the medical software usually required to open the ...