The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...

PCI Race Radios Returns to King of the Hammers for the Event’s 20th Anniversary Celebration

CYPRESS, CA, UNITED STATES, January 20, 2026 /EINPresswire.com/ -- PCI Race Radios is proud to announce its attendance ...
InfoWorld

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...
CSO Online

Hugging Face infra abused to spread Android RAT in a large-scale malware campaign

A fake security app called TrustBastion is being used to drop remote‑access malware hosted on Hugging Face, with attackers generating thousands of Android package variants to evade detection, ...

Pubs get some sweet relief with GOVT announcing 15% off business rate bills

Treasury minister Dan Tomlinson told the Commons as he set out a support package for pubs and music venues.
The Manila Times

ZetaDisplay and LG partner to factory pre-load Engage Suite on LG digital signage displays

ZetaDisplay has partnered with LG Electronics to simplify and accelerate digital signage content deployment by preloading ...
Corriere Tv - UK on MSN

Trentino, the collapse of 300 cubic meters of rock engulfs Castel San Gottardo

Carol Kirkwood fights back tears on BBC as she quits after 25 years Highly contagious disease no longer 'eliminated' in UK as ...

Keep your photos private! Set up your own at-home NAS cloud alternative

Don't entrust your photos to large cloud storage services. Use a NAS as a private cloud to keep your photos safe, secure, and ...

Top LNG Manufacturer Expands in Small-Scale and Processing Technology

LNG technology serves as a cornerstone for expanding the reach of natural gas to regions beyond pipeline networks, enabling ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...