The Hacker News

⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...

Substack Hacked — What 50 Million Users Need To Know

Substack, the hugely popular online content platform with 50 million active subscribers, has confirmed it has been hacked.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
Comicbook.com

5 Best Pokémon ROM Hacks to Play In 2026

Click to share on X (Opens in new window) X Click to share on Facebook (Opens in new window) Facebook It’s no secret that Pokémon games tend to follow the same trends, mimicking each other and ...
World Socialist Web Site

New Zealand “ManageMyHealth” hack exposes thousands of patients’ medical records

A ransomware attack on New Zealand’s “ManageMyHealth” (MMH) medical portal, disclosed on New Year’s Day, has exposed sensitive medical records of some 127,000 patients nationwide. The cybercriminal ...
CSOonline

Notorious BreachForums hacking site hit by ‘doomsday’ leak of 324,000 criminal users

Prominent crime forum BreachForums has suffered a new and possibly fatal blow to its reputation after the revelation that a database of thousands of criminals using it was stolen months ago. News of ...
St. Louis Post-Dispatch

Website for Missouri employees could be shut down for weeks after hack attempt

JEFFERSON CITY — It could take cybersecurity workers weeks to restore a key website serving more than 50,000 employees of Missouri state government. Post-Dispatch photographers capture hundreds of ...
CoinTelegraph

Trust Wallet will cover $7M lost in Christmas Day hack, CZ says

The malicious Trust Wallet extension has also been exporting users’ personal information, pointing to potential insider activity, according to cybersecurity company SlowMist. Trust Wallet users lost ...
Reuters

Hacking group 'ShinyHunters' threatens to expose premium users of sex site Pornhub

WASHINGTON, Dec 16 (Reuters) - The hacking group "ShinyHunters" said on Tuesday it has stolen data belonging to premium customers of the leading sex website Pornhub and is threatening to publish it.
Ars Technica

In 1995, a Netscape employee wrote a hack in 10 days that now runs the Internet

Thirty years ago today, Netscape Communications and Sun Microsystems issued a joint press release announcing JavaScript, an object scripting language designed for creating interactive web applications ...
GitHub

Zehra/Awesome-Hacking-Tools

A curated list of awesome Hacking Tools. If you want to contribute to this list send me a pull request. ace 1.10 Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory ...