Hugging Face platform hijacked to send out Android malware - here's what we know so far

Hackers are abusing the Hugging Face platform to deliver Android malware which can entirely take over compromised endpoints, ...

AlphaTON’s Claude Connector Accelerates User Shift Away From Big Tech AI Practices That Steal Ideas and Data

MCP (Model Context Protocol): This is the "glue." Users run MCP servers on the Mac mini, which allows Claude to securely "talk" to local databases, smart home devices, and blockchain wallets (like the ...
CSO Online

Hugging Face infra abused to spread Android RAT in a large-scale malware campaign

A fake security app called TrustBastion is being used to drop remote‑access malware hosted on Hugging Face, with attackers generating thousands of Android package variants to evade detection, ...
SecurityWeek

Hugging Face Abused to Deploy Android RAT

Hackers have abused the Hugging Face infrastructure to host a malicious payload and infect Android users with a remote access trojan.

Hugging Face abused to spread thousands of Android malware variants

A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK ...
The Financial Express

Explained | How UIDAI’s new Aadhaar app enables secure offline verification

The UIDAI has launched the new Aadhaar App, enabling secure offline verification through digitally signed Verifiable ...

Thousands of iPhone apps expose data inside Apple App Store

Researchers found Apple iOS app security flaws that expose user data and payment systems despite positive App Store reviews, ...
Visual Studio Magazine

Hands On with New GitHub Agents Tab for Repo-Level Copilot Coding Agent Workflows

GitHub's new Agents tab centralizes Copilot coding agent sessions in a repository, making it easier to launch tasks, track progress, and review the resulting pull requests in standard tooling such as ...

The Linux community now has a succession plan for when Linus Torvalds checks out, after an apparently uplifting discussion about 'our eventual march toward death'

"In the absence of an agreed-upon process, the community would find itself playing Calvinball at an awkward time." ...
WeLiveSecurity

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation.