The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

Canvas hack strands university students during finals week

Students attempting to access grades, study materials and quizzes were met instead with a message from a hacking group on ...
The Hacker News

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

PCPJack steals credentials via 6 Python modules exploiting 5 CVEs, enabling cloud spread and fraud-driven attacks.
SecurityWeek

Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion

Claude AI guided a threat actor toward OT ICS SCADA systems in an attack on a water and drainage utility in Mexico.

Canvas login portals hacked in mass ShinyHunters extortion campaign

The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting another ...