BTMOB Android malware service generates custom phishing payloads

An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware ...

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source ...

CrowdStrike and Google take down botnet used by hackers to target open source software developers

Cybercriminals used the Glassworm botnet to infect open source software projects with malware, and in turn hack the ...

This AI-coded malware apparently leaked its own GitHub private token

Whoopsie.
Techopedia

SpaceX’s Starlink Feuds With Pentagon Over Pricing Ahead of IPO | This Week in IT

Suswati Basu is a multilingual, award-winning editor. She was shortlisted for the Guardian Mary Stott Prize and longlisted for the Guardian International Development Journalism Award.… According to ...
The Hacker News

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Malicious npm package downloaded 676 times stole Claude AI files via GitHub uploads, increasing AI-driven malware risks.
Infosecurity Magazine

BTMOB Android RAT Spreads Through No-Code Builder Tooling

An Android remote access trojan (RAT) that lets buyers build their own custom payloads without writing a line of code has ...
WeLiveSecurity

BTMOB: A stealthy RAT burrowing deep into Android devices

Our recent review of threat detections in Brazil surfaced BTMOB, an Android remote access trojan (RAT) that is less notable ...
Arabian Post

InvisibleFerret shift raises developer risks

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Hackers breach GitHub and access 3,800 internal repositories now listed for sale

GitHub has said it found about 3,800 internal repositories accessed in the breach and stressed that these contained its own code rather than customer projects. The ...
cybernews

China-linked hackers deploy new "Showboat" malware against telecom firms

The malware appears designed for long-term hidden access inside telecom infrastructure, raising espionage and surveillance concerns. The findings land as US officials continue warning about ...

GitHub confirms breach — thousands of internal repositories hit after employee installs malicious VS Code extension

GitHub confirms an employee’s compromised device led to exfiltration of internal repositories via a poisoned VSCode extension ...