The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Webサーバー「nginx」にセキュリティアップデート、6件の脆弱性を修正

クロスプラットフォーム対応・オープンソースのWebサーバーシステム「nginx」(エンジンエックス)が3月24日、v1.28.3(stable)、v1.29.7(mainline)へとアップデートされた。以下の脆弱性に対処したセキュリティアップデート ...

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
MUO on MSN

Your spare laptop is about to become the cheapest NAS alternative you'll find

Your old laptop is about to outwork that overpriced NAS box ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching ...
XDA Developers on MSN

I stopped using Windows Search and built my own instead

When custom tools beat built-in ones.