The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
Cybernews

Researcher discovers severe antivirus blind spot: corrupted ZIP files evade nearly all scanners

Hackers can change a single byte to insert malware undetected, posing as an apparently corrupted ZIP file dubbed Zombie Zip.

Qwen3.5 family: Fireworks of new LLMs from Alibaba

Many Qwen LLMs are among the most popular models on Hugging Face (Fig. 1). Qwen is continuously developing the models: after the convincing Qwen3 release in April 2025, the provider introduced a new ...