Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

GhostClaw turns GitHub habits into a macOS malware pipeline

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine install habits make running malware feel completely normal.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules.