The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Downloaded a malware-infected Steam game? The FBI wants to hear from you

According to the FBI's website, the agency's Seattle branch wants to identify potential victims who installed Steam games infected with malware.
Infosecurity Magazine

Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats

Hundreds of GitHub repositories seemingly offering “free game cheats” deliver malware, including the Vidar infostealer, ...
PCMag on MSN

Did a Steam Game Give Your PC Malware? The FBI Wants to Know

In a rare move, the FBI has published an alert 'seeking victim information' related to a hacker exploiting Valve's Steam ...