Latest news as of 8/6/2025, 11:36:45 PM
The Hacker News
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are below - checker-SaGaF (2,605 downloads) steinlurks (1,049 downloads) sinnercore (3,300 downloads)
The Register
Brain drain, budget cuts, and constant cyberthreats - who wouldn't want this job? The US Cybersecurity and Infrastructure Security Agency (CISA) has a new No. 2: Madhu Gottumukkala, stepping in as the nation's lead civilian cyber agency faces budget cuts, a brain drain, and the never-ending task of defending critical infrastructure.…
Bleeping Computer
OpenAI is planning to combine multiple products (features or models) into its next foundational model, which is called GPT-5. [...]
Dark Reading
A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities.
Bleeping Computer
Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network. [...]
Dark Reading
The addition is an important hire for the No. 2 position at the cyber agency. The main director role remains unfilled post-Easterly, with Bridget Bean taking over acting duties for now.
Bleeping Computer
A flaw in O2 UK's implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target. [...]
The Register
Proving yet again that crims are bad at search hygiene An Alabama man who SIM-swapped his way into the SEC's official X account, enabling a fake ETF announcement that briefly pumped Bitcoin, has been sentenced to 14 months in prison and three years of supervised release.…
Dark Reading
The online service has since been shut down as the agency grapples with the cyberattack, though it assures the public that those most in need of legal assistance will still be able to access help.
Bleeping Computer
Microsoft has released out-of-band updates to fix a known issue causing Windows 10 systems to boot into BitLocker recovery after installing the May 2025 security updates. [...]