ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

Hackers Turned Anthropic's Claude Code Leak into a Malware Lure

Cybercriminals are exploiting the recent Claude Code source code leak to distribute Vidar malware via fake GitHub repositories.
PCMag

The Best Malware Removal and Protection Software for 2026

We've tested more than 100 anti-malware apps to help you find the best malware protection and removal software for all your ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as ...

Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
PCMag

Hackers Are Using Claude Code Leak As Bait to Spread Malware

With Anthropic rushing to wipe out the Claude Code leak, hackers are posting malware-laden files on GitHub that they claim ...

Google Says Nothing To See Here As 50 Android Apps Infected By Malware

McAfee Labs researchers sound the alarm about 50 infected Android apps, downloaded 2.3 million times. Google says hold my ...