Dark Reading

Chinese APTs Hacking Asian Orgs With High-End Malware

Advanced persistent threat (APT) groups have deployed new tools against a variety of targets, highlighting the increasing ...

Infostealers added Clawdbot to their target lists before most security teams knew it was running

RedLine, Lumma, and Vidar adapted in 48 hours. Clawdbot's localhost trust model collapsed, plaintext memory files sit exposed ...
PCMag

These Free VPNs, Proxies Used by Criminals to Hijack Users' Connections

Google seizes domains used by the IPIDEA proxy network, which sold access to devices compromised through free VPNs, proxy services, and mobile apps.

Google disrupts IPIDEA residential proxy networks fueled by malware

IPIDEA, one of the largest residential proxy networks used by threat actors, was disrupted earlier this week by Google Threat ...
GitHub

LangChain Sequential Thinking Tool

This package provides a LangChain BaseTool implementation based on the sequential thinking pattern, inspired by the Model Context Protocol (MCP) server implementation. It allows language models to ...

Secret US cyber operations shielded 2024 election from foreign trolls, but now the Trump admin has gutted protections

Weeks before the 2024 election, American military hackers carried out a secret operation to disrupt the work of Russian trolls spewing false information at US voters.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...
Mashable

DeepSeek collects keystroke data and more, storing it in Chinese servers

U.S. tech companies are known to stockpile as much user data as they can, but DeepSeek's privacy policy makes Meta, Google, and OpenAI look tame. "The personal information we collect from you may be ...