Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
CSO Online

Hackers exploit critical PTC Windchill PLM software flaw

The popular product lifecycle management platform is under active exploitation for an RCE vulnerability that could put ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
SecurityWeek

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild

Hackers exploited a vulnerability in PTC Windchill in the wild, marking the first confirmed real-world abuse of the PLM ...
winbuzzer.com

OpenAI Says GPT-5.5-Cyber Leads Claude Mythos, Expands Daybreak-Initiative

OpenAI is now turning its Daybreak initiative into a defensive cybersecurity program that combines Codex updates, the GPT-5.5-Cyber release and partner access for approved organizations. As OpenAI ...
CSO Online

Be on the lookout for Mistic, a new backdoor used by ransomware broker

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...

Stealthy Mistic backdoor linked to ransomware access broker KongTuke

A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, ...
Naples Daily News

Help wanted: Full-time python hunters get paid for eliminating snakes

The invasive pythons number in the thousands and have unleashed havoc across more than 1,000 square miles of the Everglades ...
GitHub

pydahua – Python Library for Dahua Biometric & Access Control Devices

Stop struggling with Dahua HTTP APIs and messy responses. pydahua is a clean, production-ready Python library that helps you interact with Dahua biometric and access control devices effortlessly. No ...
Wired

You Can Control Everything on Your Phone With Your Voice. Here’s How

With the arrival of digital assistant apps like Gemini and Siri, most of us have grown used to talking to our phones. But conversing with your Android or iOS device can go way beyond interacting with ...