Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
PC Magazine

US Helps Shut Down Proxy Service Used to Hack Thousands of Routers

A proxy service called SocksEscort has been found infecting thousands of routers from brands such as D-Link, Netgear, and TP-Link, and selling access to them to cybercriminals. On Thursday, the US ...
The Verge

The AI security nightmare is here and it looks suspiciously like lobster

A hacker tricked Cline’s Claude-powered workflow into installing OpenClaw on computers. A hacker tricked Cline’s Claude-powered workflow into installing OpenClaw on computers. is a London-based ...
Ars Technica

Hacker who stole 120,000 bitcoins wants a second chance—and a security job

On Thursday, Ilya Lichtenstein, who was at the center of a massive 2016 crypto heist worth billions at the time, wrote online that he is now out of prison and has changed his ways. “Ten years ago, I ...
Wired

Security News This Week: US Hackers Reportedly Caused a Blackout in Venezuela

Plus: AI reportedly caused ICE to send agents into the field without training, Palantir’s app for targeting immigrants gets exposed, and more. As Immigration and Customs Enforcement continues its ...
The New York Times

Wireless Earbuds Can Be Hacked. Here’s How to Protect Yourself.

We independently review everything we recommend. When you buy through our links, we may earn a commission. Learn more› By Max Eddy Max Eddy is a writer who has covered privacy and security — including ...
Ars Technica

Many Bluetooth devices with Google Fast Pair vulnerable to “WhisperPair” hack

Pairing Bluetooth devices can be a pain, but Google Fast Pair makes it almost seamless. Unfortunately, it may also leave your headphones vulnerable to remote hacking. A team of security researchers ...
Wired

Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking

Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers. Today, security researchers at Belgium’s KU ...
The Verge

A convoluted hack brings Wireless CarPlay to GM EVs for the truly dedicated.

The company’s decision to cut off CarPlay and Android Auto hasn’t exactly been popular. While GM isn’t backing down anytime soon, some industrious drivers are working to bring back support. A ...
GM Authority

Open-Source Hack Potentially Brings Wireless Apple CarPlay To GM EVs

As GM Authority has covered at length, GM is phasing out Apple CarPlay and Android Auto from its new EVs, triggering pushback from buyers who feel as through the popular smartphone mirroring apps are ...
The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain ...