Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery

100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads

South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

The Crowded Battle: Key Insights from the 2025 State of Pentesting Report

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs.
All three packages are no longer available on PyPI. The names of the Python packages are below -

checker-SaGaF (2,605 downloads)
steinlurks (1,049 downloads)
sinnercore (3,300 downloads)

Headline

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

The Hacker News: Latest News