The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...
GitHub

Simple, commands based scripting language for SCP: Secret Laboratory.

This plugin was created using official Northwood Lab API. No additional dependencies need to be installed in order to run it. This project was developed as part of the educational process at PJAIT.
AARP

Grownups Seize the Spotlight in the 2026 Oscar Nominations

The 2026 Oscar nominations once again proved the clout of grownup talents, and the grownup audience, in the art and business ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...

Microsoft Virtual Studio Code is being targeted by North Korean hackers

The contagious interview campaign continues.
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...