SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
PCMag

iPhone Hack 'DarkSword' Leaks Online, Can Target Millions of Older Models

At this point, those on iOS 26 are safe, though one developer claims to have used the leaked code to create a 'DarkSword' ...
InfoWorld

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...

Your iPhone could be hacked in minutes: Why a new GitHub leak puts millions of Apple devices at risk

A newly leaked iPhone hacking tool could let attackers easily target devices that haven’t been updated to the latest iOS ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
The Financial Express

Somebody publicly posted an iPhone hack kit that puts millions of you at risk

Once a victim is exposed to a malicious link, the exploit gains filesystem access and exfiltrates data to an ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
Cyber Daily

Code security platform Trivy compromised by malicious packages

The open-source supply chain hack represents “meaningful industry-wide risk”, according to an industry expert.
GovInfoSecurity

Cryptohack Roundup: AppsFlyer SDK Breach Enabled Theft

This week, the AppsFlyer SDK breach, JPMorgan sued over ties to a Ponzi scheme, the OFAC sanctioned a network tied to North ...
PCMag on MSN

Update your iPhone now: New 'DarkSword' hack targets older iOS 18 versions

Beware! Shadowy attackers have been using an iOS exploit to hack vulnerable devices.
PCMag on MSN

Still on iOS 18.4 to 18.7? iPhone hack called 'DarkSword' can hit your device

Since November, shadowy attackers have been using the 'DarkSword' iOS exploit to hack vulnerable iPhones on certain iOS 18 ...

This severe and international iPhone hack is the best reason to update to iOS 26.3 yet

A sophisticated iPhone hacking technique and surveillance campaign ran rampant internationally for months, prior to a patch ...