The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a Gmail Account

AI chat toy company Bondu left its web console almost entirely unprotected. Researchers who accessed it found nearly all the ...