• GitHub-hosted malware campaign uses split payload to evade detection
• Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals
• Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems
• Tycoon2FA Phishing Service Resumes Activity Post-Takedown
• High-Tech Sector Overtakes Finance as Top Target for Cyber-Attacks, Mandiant Reports
• Trivy Supply Chain Attack Expands With New Compromised Docker Images
• CISA Orders US Government to Patch Maximum Severity Cisco Flaw
• Operation Alice Takes Down 370,000+ Dark Web Sites
• Hackers Exploit Critical Langflow Bug in Just 20 Hours
• NCA Boss Warns That Teens Are Being “Radicalized” Into Cybercrime Online
• Ransomware Affiliate Exposes Details of 'The Gentlemen' Operation
• Financial Brands Targeted in Global Mobile Banking Malware Surge
• FCA Updates Cyber Incident and Third-Party Reporting Rules
• AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
• UK: Regulation Drives Cyber Spending for Critical Infrastructure Orgs
• New Ubuntu Flaw Enables Local Attackers to Gain Root Access

A large-scale malware delivery campaign has been targeting developers, gamers, and general users through fake tools hosted on GitHub, Netskope researchers have warned. These “lures” are highly polished and appear legitimate, occasionally mimicking real projects, thus making them difficult to distinguish from safe software. A dual-component trojan is delivered Netskope threat researchers first discovered a trojanized GitHub repository ostensibly offering a Docker image of the OpenClaw AI assistant. The repo was very convincing. “The README …