The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

UK Man Accuses Spouse of Stealing $172 Million Bitcoin Password via CCTV Camera

Ping Fai Yuen, who is a U.K. resident, has accused his estranged wife of stealing a little over 2,323 bitcoin (worth around $172 million) from him in court documents. The theft is said to have taken ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Man says wife stole $172 million in Bitcoin after hidden CCTV cameras captured wallet password

According to High Court filings, Ping Fai Yuen claims his wife, Fun Yung Li, secretly recorded him entering the seed phrase ...

Security News This Week: A Hacker Accidentally Broke Into the FBI’s Epstein Files

Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more.