The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Tax Guru

Tax Consultants Chamber Requests ITR Filing Extension Amid Technical Issues

The Chamber of Tax Consultants requests a 15-day extension for non-audit ITR filings due on 15 Sept 2025, citing portal glitches and taxpayer ...
The Hacker News

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

August 2025 campaigns deliver kkRAT and Gh0st RAT variants via SEO poisoning, disabling antivirus to hijack crypto wallets.
Ervik.as

Wormable Malware Causing Supply Chain Compromise of npm Code Packages

Reports surfaced that the widely used npm package @ctrl/tinycolor had been compromised by Wormable Malware as part of a ...
Security Boulevard

Detect Secrets in GitLab CI Logs using ggshield and Bring Your Own Source

Discover how to automatically detect secrets in GitLab CI logs using ggshield and GitGuardian's Bring Your Own Source ...
The Financial Express

Income Tax Return AY 2025-26 Highlights: ITR filing due date ends amid complaints of portal glitches

ITR Due Date Extension 2025 Live Updates: More than 7.3 crore ITRs have been filed till September 15, crossing last year’s ...
Security Boulevard

Self-Replicating Worm Compromising Hundreds of NPM Packages

Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends them to external servers that ...
Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...

ITR Filing After Due Date FY 2024-25 Live: Deadline for return filing ends, Know how to file belated ITR with penalty; Check how to Track Refund

As of September 15, around 7.08 crore ITRs have been filed, while around 6 crore ITRs have been e-verified. Previously, the ...
CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel self-replicating credential-stealing code in yet another wave of a supply chain ...
XDA Developers on MSN

5 must-use extensions for Raycast

The Image Modification extension on Raycast is ideal for the job. On the image transformation front, it can flip, rotate, ...
Hackaday

This Week In Security: The Shai-Hulud Worm, ShadowLeak, And Inside The Great Firewall

Hardly a week goes by that there isn’t a story to cover about malware getting published to a repository. Last week it was ...