The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

A wrong click on WhatsApp and strangers can control your phone

Anyone receiving a file via WhatsApp from a seemingly familiar contact should be particularly cautious at the moment.

Stealthy Mistic backdoor linked to ransomware access broker KongTuke

A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
SecurityWeek

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched GCP flaw enables takeover.
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

New Malware Attack Exploits WhatsApp Desktop And Web Users, Report Reveals

Recent research by Kaspersky reveals that malware campaigns are targeting WhatsApp, including its web and desktop versions, ...

Frontline Systems Launches RASON® Desktop: Brings Simulation, Optimization, Decision Intelligence Directly into Power BI

Business users can now determine the best course of action under real-world constraints and uncertainty, with input ...
The Next Web

Microsoft finds USB worm that steals cryptocurrency through clipboard hijacking and Tor

Microsoft discovered a self-spreading USB worm active since February that monitors clipboards for crypto wallets and routes stolen data through Tor.
Indianapolis Business Journal

NCAA approves new eligibility rules giving Division I athletes 5 years to play 5 seasons

The NCAA believes the age-based model will make rules easier to administer and help make roster management more predictable for coaches.
CoinTelegraph

Microsoft warns users of 'Crypto Clipper' malware spread via USB drives

The malware blends data theft with remote code execution, “turning a financially motivated stealer into a lightweight backdoor,” Microsoft said. Microsoft Threat Intelligence is warning Windows users ...
Newspoint on MSN

Major threat on WhatsApp: Users being targeted

Malware Attack on WhatsApp: If you use the web or desktop versions of WhatsApp, you need to be cautious. Users are currently ...