Security News This Week: Jeffrey Epstein Had a ‘Personal Hacker,’ Informant Claims

Plus: AI agent OpenClaw gives cybersecurity experts the willies, China executes 11 scam compound bosses, a $40 million crypto ...

Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
GitHub

ASTM Noise Analysis Tool

Version 3.2.0 - A Python-based tool for analyzing noise in lamp data according to ASTM standards. This release adds macOS/Linux helpers, enforces wheel-only installs, and keeps the same GUI/reporting ...
Cybernews

Pentest tools left online are allowing hackers to exploit Fortune 500 firms

Hackers are exploiting intentionally vulnerable penetration testing and security training apps that have been mistakenly exposed to the public internet, giving them access to cloud environments ...

A new LinkedIn phishing scam is targeting executives online - make sure you don't fall for this

Business executives and IT admins are being targeted by a highly sophisticated phishing attack which doesn’t happen in the ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...

Learn ethical hacking online with this $36 lifetime bundle! Seats still available

A deeply practical ethical hacking bundle teaches real cybersecurity, pentesting, and bug-bounty skills for just $35.99, ...
GitHub

Baloon is a command-line tool and Python library for converting between geospatial vector formats. Convert BLN, Shapefile, GeoJSON, KML, GeoPackage, and SVG files quickly and ...

The output path must be a directory; it will be created if it does not exist. Input formats are auto-detected per file. Unsupported formats and write-only inputs (e.g., SVG) are skipped with a warning ...