The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
The Hacker News

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...

AI Is Poised to Take Over Language, Law and Religion, Historian Yuval Noah Harari Warns

At Davos, the historian said AI is evolving into an autonomous agent that could eventually force governments to decide whether machines deserve legal recognition.

WhatsApp Web malware spreads banking trojan automatically

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
Microsoft

Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations

Microsoft’s investigation into RedVDS services and infrastructure uncovered a global network of disparate cybercriminals ...
InfoWorld

From typos to takeovers: Inside the industrialization of npm supply chain attacks

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, credential-driven supply chain compromises — exploiting CI systems, ...
moneycontrol.com

Labour codes draft rules notified: How changes in wage definition will impact PF, gratuity and take-home pay

Did our AI summary help? India’s new labour codes are set to significantly change how employee wages are calculated and with it, how statutory benefits such as provident fund (PF), gratuity and other ...
Opinion
CSO OnlineOpinion

The 2 faces of AI: How emerging models empower and endanger cybersecurity

AI helps security teams move faster — but it’s also helping attackers do the same, turning cybersecurity into a race of machines versus machines.

Threat Spotlight: The number of phishing kits doubled in 2025, bringing stealth, innovation and the same old themes

In 2025, the number of known phishing-as-a-service (PhaaS) kits doubled in number, increasing the pressure on security ...

AdGuard VPN's obfuscated TrustTunnel protocol goes open-source – here's what you need to know

AdGuard VPN has made its proprietary TrustedTunnel protocol open-source. Here's what you need to know about the protocol and ...