GovInfoSecurity

Breach Roundup: CISA Says Agencies Should 'Patch Smarter'

This week, CISA tightened patching rules, hackers provoked AI scanners. An accused Russian intel hacker appeared in court.

Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps

The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or ...

Protect and encrypt your files with this free app

The app works by creating encrypted “vaults.” Anything you place inside a vault gets scrambled into unreadable data unless ...
Hosted on MSN

Gmail servers hijacked by malicious PyPI packages to spread havoc - here's how to stay safe

Socket found seven malicious packages on PyPI The packages were abusing Gmail and WebSocket They were removed from the platform Several malicious PyPI packages were recently observed abusing Gmail to ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers uncovered a multiplatform supply-chain attack by North Korea-aligned APT group ScarCruft, targeting the Yanbian region in China – home to ethnic Koreans and a crossing point for North ...
Hosted on MSN

A popular Python library just became a backdoor to your entire machine

If you work with AI APIs and local LLMs, there's a good chance you've at least heard of LiteLLM. It's one of the most popular Python libraries for interacting with large language models, offering a ...
The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, ...
Tech Digest

Instagram to stop encrypting private messages, Quantum cryptography duo win Turing Award

Instagram will stop encrypting private messages between users from May, after enduring years of criticism from law enforcement and child safety groups over the feature. Meta quietly announced this ...
theregister

Lifetime access to AI-for-evil WormGPT 4 costs just $220

Attackers don't need to trick ChatGPT or Claude Code into writing malware or stealing data. There's a whole class of LLMs built especially for the job. One of these, WormGPT 4, advertises itself as ...
Windows Report

5 Best Email Encryption Software Ranked by Features

Email encryption software is extremely important nowadays because digital correspondence has never been more endangered. These solutions practically scramble the contents of the message so they cannot ...
Bleeping Computer

From infostealer to full RAT: dissecting the PureRAT attack chain

An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
Analytics Insight

Top 10 Python Libraries for Cybersecurity in 2025

Python libraries simplify testing networks and detecting vulnerabilities in systems. Tools like YARA and Pymetasploit3 help identify malware and security weaknesses. Encryption and AI-focused ...