The Hacker News

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Salesforce disabled Klue Battlecards integration after attackers used compromised OAuth tokens to access customer CRM data ...

The Steam Workshop is being used to spread malware to thousands of users

Steam is one of the most popular storefronts in PC gaming, but it turns out that the Steam Workshop might presently be ...
The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...

Norks blast 250+ fake job offers to developers over 6 weeks to try and snarf creds and crypto

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...
Cryptopolitan on MSN

JINX-0164 hijacks crypto developer machines through phony meeting links

A group of hackers, named JINX-0164, has been contacting crypto devs via LinkedIn and inviting them to fake meetings that ...

Fritz SmartEnergy 250: PV battery control via emulation

If you use batteries with a balcony power plant, you can control them according to your needs. Can Fritz SmartEnergy 250 emulate a smart meter?
GitHub

Meraki Dashboard API Python Library

The Meraki Dashboard API Python library provides all current Meraki dashboard API calls to interface with the Cisco Meraki cloud-managed platform. Meraki generates the library based on dashboard API's ...
GitHub

password-generator-python

A powerful and flexible Python-based tool for generating high-quality password dictionaries for penetration testing and cybersecurity research. This project allows users to create custom wordlists ...
CoinDesk

Solana, Sui and Aptos wallet data targeted in TrapDoor package attack

A newly discovered supply-chain campaign called TrapDoor has planted more than 34 malicious packages across npm, PyPI and Crates.io to target crypto and cloud developers. The packages, disguised as ...