The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
eWeek

Ukrainian War Robots, Drones Hit Front Lines, Testing Russia’s Firepower

Ukraine is using ground robots and drones to cut casualties, sustain logistics, and adapt faster as the war with Russia ...

How Ottawa patches potholes with a Dr. Seuss-like machine called the Python 5000

To fix the tens of thousands of potholes across the city, Ottawa has turned to the Python 5000 all-in-one machine. Gary ...
eWeek

Minimus Appoints Tech Dealmaker Yael Nardi as Chief Business Officer to Drive Hyper-Growth

Minimus, a leading provider of hardened container images and secure container images designed to eliminate CVE risk, today ...
The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...
Security Boulevard

Fake Temu Coin airdrop uses ClickFix trick to install stealthy malware

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Dark Reading

Wartime Usage of Compromised IP Cameras Highlight Their Danger

Russia, Iran, Israel, Ukraine, and the US have all exploited IP-connected cameras to 'see' monitor adversaries, and private ...
The Robot Report

PhAIL ranks top robotics foundation models on real hardware

Positronic Robotics has launched PhAIL, a benchmark evaluating physical AI models on commercial tasks using throughput and ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...