The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious ...
GitHub

ZoneFoundry — Agent-friendly Sonos Execution Layer

ZoneFoundry is an open-source CLI and execution layer for controlling Sonos speakers over your local network. It is designed to be called by any agent, bot, or automation system — not just humans.
GitHub

Python utility for fetching Amazfit/Zepp data into local JSON storage and then exporting normalized daily notes to Obsidian.

Fetch and persist raw API payloads plus normalized JSON. Render deterministic Markdown files for Obsidian from normalized data. That split is necessary because the public contract for modern ...
Bleeping Computer

LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and ...
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo's LAB52 threat intelligence team. The ...