SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

The Age of Eerie A.I. Political Ads Is Here

The A.I. era of campaign advertising seems to be upon us — and it’s a pretty fast-moving and complex situation. Fortunately, ...

Cascade of A.I. Fakes About War With Iran Causes Chaos Online

“The use of A.I. images of places in the Gulf — being burnt or damaged — becomes more important in Iran’s playbook,” Mr.
Radio Free Europe/Radio Liberty

AI-Generated Videos Are Spreading Amid War In Iran -- Here’s How To Spot Them

AI-generated videos are flooding social media amid the war in Iran, distorting what viewers see online. Here’s how to tell ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
The Poynter Institute for Media Studies

Fake images from the Iran war are spreading online. Here’s how to spot them

Old videos, AI-generated imagery and misleading captions are circulating widely on social media as the conflict unfolds ...

Fake enterprise VPN sites used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...

AI fake news detectors are not as good as you think

A new study from the Université de Montréal found that AI fake news detectors are far less reliable than advertised, ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...