News

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.
The Hacker News

CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader

CountLoader enables Russian ransomware gangs to deploy Cobalt Strike and PureHVNC RAT via Ukraine phishing campaigns.
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
Bitdefender

Patch Your Browser! Google Addresses a Newly Exploited Security Flaw in Chrome’s V8 Engine

Google is rolling out updated versions of Chrome to the masses, signaling that attackers are exploiting a newly discovered ...

Apple Releases Safari Technology Preview 228 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March ...

Largest NPM attack in crypto history stole less than $50: SEAL

Less $50 worth of crypto has been stolen from the large-scale JavaScript libraries attack on Monday, which targeted Ethereum ...

VirusTotal finds hidden malware phishing campaign in SVG files

VirusTotal has discovered a phishing campaign hidden in SVG files that create convincing portals impersonating Colombia's ...
The Hacker News

TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks

RevengeHotels used AI-generated phishing scripts to deploy Venom RAT in Brazil hotels in 2025, stealing travelers’ credit card data and evading defens ...

Hackers are sneaking malware into SVG images to bypass antivirus - here's what we know

Hackers are sharing malicious SVG files which spoof real-life websites in order to trick victims into downloading damaging ...

Google nukes 224 Android malware apps behind massive ad fraud campaign

A massive Android ad fraud operation dubbed "SlopAds" was disrupted after 224 malicious applications on Google Play were used ...

Massive npm hack poisons 18 packages with billions of downloads

Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...
PCMag on MSN

Hacker Pwns Programmer, Infects Widely Used Software With Malware

The malware was found in 18 npm packages that together are usually downloaded over 2 billion times per week. But the security ...