Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...
i-SCOOP

What is the Impact of AGENTS.md Files on the Quality of AI Output?

Are AGENTS.md files actually helping your AI coding agents, or are they making them stupider? We dive into new research from ETH Zurich, real-world experiments, and security risks to find the truth ...
ET CIO

Top 7 Data Orchestration Tools for Enterprises in 2026

Explore the leading data orchestration platforms for 2026 with quick comparisons, practical selection tips, and implementation guidance to keep your data pipelines reliable and scalable.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
The Manila Times

Weaviate Launches Agent Skills to Empower AI Coding Agents

The new open-source repository delivers structured skills, slash commands, and production-ready cookbooks to reduce AI coding errors and speed up Weaviate-based application development.
GitHub

Sophos Firewall Python SDK

The Sophos Firewall Python SDK was developed by a small community of engineers within Sophos who will be maintaining the project. Questions can be posted to the Q&A section of the Github project. If ...
GitHub

Auto Portable Python Deployer

A self-bootstrapping tool that generates fully portable, zero-install Python deployment packages for Windows. No system Python required. No admin rights. No PATH ...