Morning Overview on MSN

Malicious open-source packages surge 73% in 2026 as threat actors weaponize the software supply chain

In the first five months of 2026, security researchers have flagged more malicious packages on the npm registry than in all ...

Backdoored PyTorch Lightning package drops credential stealer

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...
The Hacker News

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...
SecurityWeek

Trellix Source Code Repository Breached

Trellix says a part of its source code repository was recently breached, but shared little other information about the ...

Trellix discloses data breach after source code repository hack

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository ...
SecurityWeek

Exploitation of ‘Copy Fail’ Linux Vulnerability Begins

Threat actors have started to exploit Copy Fail (CVE-2026-31431), a Linux kernel vulnerability leading to root shell access.