The Hacker News

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Pakistan-aligned APT36 and SideCopy target Indian defense and government entities using phishing-delivered RAT malware across Windows and Linux system ...
Dark Reading

TeamPCP Turns Cloud Infrastructure Into Crime Bots

The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and ...
The Hacker News

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
GitHub

North MCP Python SDK

This SDK builds on top of the original SDK. Please refer to the original repository's README for general information. This README focuses on North-specific details ...
theregister

Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution

Anthropic has fixed three bugs in its official Git MCP server that researchers say can be chained with other MCP tools to remotely execute malicious code or overwrite files via prompt injection. The ...
GitHub

vmware-archive/script-runtime-service-for-vsphere

Script Runtime Service for vSphere (SRS) enables vSphere users and services (clients) to manage PowerCLI instances and run PowerCLI scripts. SRS clients authenticate once with vSphere credentials or ...