US company fined $313,420 over claims that it excluded US citizens from applying for Python developer's post; told to train …

A New Jersey firm, Compunnel Software Group, will pay over $313,000 to settle claims of illegally favoring temporary visa ...
SecurityWeek

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

New Infinity Stealer malware grabs macOS data via ClickFix lures

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
eWeek

Google Addresses Privacy Concerns Around Gemini in Gmail

Google says Gemini does not train on Gmail data, outlines privacy safeguards, and introduces new mental health and crisis ...
Crowdfund Insider

Anthropic Inadvertently Exposes Claude AI Code, Internet Quickly Takes Over

Anthropic inadvertently released the code behind Claude AI this week, which the internet quickly noticed and exploited. While ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
eWeek

Baidu Robotaxi Failure in Wuhan Raises Safety Questions

Baidu’s robotaxi outage in Wuhan stranded riders and raised new concerns about autonomous vehicle safety and system reliability.

A 4 a.m. scramble turned Anthropic's leak into a 'workflow revelation'

On X, Shou linked to a zip file with the leaked code. He is the CTO of Fuzzland and a dropout of the UC Berkeley Ph.D.
Live Bitcoin News

The Wallet Standard AI Agents Were Missing Just Got a Hackathon

RippleX joins MoonPay's Open Wallet Standard Hackathon with XRPL and RLUSD challenge tracks targeting agentic finance and ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...