Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
The Hacker News

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
GitHub

google_photos_mobile_client

Google Photos client based on reverse engineered mobile API. usage: gpmc [-h] [--auth_data AUTH_DATA] [--album ALBUM] [--proxy PROXY] [--progress] [--recursive ...
Reuters

Four partners leave EY after breaches of Shell audit, FT reports

Feb 12 (Reuters) - Four EY partners have left the firm after breaching independence rules during its audit of Shell (SHEL.L), opens new tab that led to the termination of a $66 million-a-year contract ...
GitHub

state-machine-learning

Python framework for hardware reverse engineering: signal analysis, protocol decoding, and automated dissector generation. IEEE-compliant measurements, differential analysis, CRC recovery.
List of Banks in Belarus

Shell picks PwC as auditor to replace EY

LONDON, Feb 6 (Reuters) - Shell has chosen PricewaterhouseCoopers (PwC) as its next auditor after a tender process, with PwC set to replace EY from 2027, the oil major said on Friday. Britain's ...
SecurityWeek

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

Two IP addresses accounted for the majority of the 1.4 million exploitation attempts observed over the past week. React2Shell exploitation activity remains strong, with over 1.4 million attempts ...