Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Infosecurity Magazine

APK Malformation Found in Thousands of Android Malware Samples

Android Package (APK) malformation has emerged as a standard Android malware evasion tactic, with the technique identified in more than 3000 malicious samples across families including Teabot, TrickMo ...

Google Android PIN Hackers Target 800 Apps During Attack Surge

More than 800 Google Android apps have been targeted by a surge in PIN-stealing hack attacks. What you need to know.
Live Science

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months. Nine Mexican ...