The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
The Hacker News

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.
GitHub

MCP server for Unreal Engine that uses Unreal Python Remote Execution

This server does not require installing a new UE plugin as it uses the built-in Python remote execution protocol. Adding new tools/features is much faster to develop ...
GitHub

kubeflow/mcp-apache-spark-history-server

A standalone Go binary. Query your Spark History Server directly from the terminal, shell scripts, or CI/CD pipelines. Also works as a skill for coding agents like Claude Code and Kiro. An MCP (Model ...
Bleeping Computer

Glassworm botnet disrupted after resilient C2 infrastructure takedown

The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain ...
WXYZ

DoorDash driver caught on camera stealing tips from server working a Memorial Day double shift

A server at Leo's Coney Island in Taylor says a DoorDash driver reached over a protective barrier and stole $258 in tip money while she was packing up his order ...