The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
OSTechNix

32 Essential Python One-Liners for Python’s 32nd Anniversary

Python turns 32. Explore 32 practical Python one-liners that show why readability, simplicity, and power still define the ...
InfoWorld

Kotlin-based Ktor 3.4 boosts HTTP client handling

Update to the Kotlin-backed framework brings duplex streaming to the OkHttp client engine and the ability to cancel in-flight ...
IEEE

Decentralized Multi-Client Functional Encryption for Inner Product With Applications to Federated Learning

Abstract: Decentralized multi-client functional encryption for inner product (DMCFE-IP) enables efficient joint functional computation of private inputs in a secure manner without a trusted third ...
SecurityWeek

‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks

The new DDoS attack vector, which involves HTTP/2 implementation flaws, has been compared to Rapid Reset. Researchers have discovered another attack vector that can be exploited to launch massive ...
The Hill

Dershowitz says he knows Epstein client list names: ‘But I’m bound by confidentiality’

Editor’s note: This story has been updated to reflect the timing of Sean Spicer’s conversation with Alan Dershowitz. The interview was initially released in March, and Spicer reposted it on July 11.