The Hacker News

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Researchers detail JS#SMUGGLER, a multi-stage web attack using JavaScript, HTA, and PowerShell to deploy NetSupport RAT on ...
CPO Magazine

North Korean Hackers Target Developers with Nearly 200 Malicious NPM Packages in “Contagious Interview” Hacking Campaign

North Korean hackers intensify their efforts against blockchain and Web3 developers, using nearly 200 malicious npm packages ...
Dark Reading

'ShadyPanda' Hackers Weaponize Millions of Browsers

The China-based cyber-threat group has been using malicious extensions on the Google Chrome and Microsoft Edge marketplaces ...

Popular JavaScript library can be hacked to allow attackers into user accounts

A popular JavaScript cryptography library is vulnerable in a way which could allow threat actors to break into user accounts.
The Hacker News

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

RomCom just hit a US engineering firm via SocGholish for the first time, deploying Mythic Agent before defenders cut the ...

Popular Chrome and Edge extensions go rogue, infecting over 4 million devices with spyware

According to researchers at cybersecurity firm Koi, a China-based hacking syndicate known as ShadyPanda is actively ...
SecurityWeek

Chrome 143 Patches High-Severity Vulnerabilities

Google promoted Chrome 143 to the stable channel with patches for 13 vulnerabilities reported by external researchers.
Crypto News

Massive NPM Supply-Chain Attack Targets ENS-Linked Libraries in Shai Hulud Breach

Shai-Hulud malware infiltrates 490 NPM packages, stealing API keys and credentials from ENS and major crypto development ...

NPM supply-chain attack compromises major ENS and crypto libraries

A researcher reported that more than 400 NPM libraries, including a cluster of ENS-linked crypto packages, were breached by the Shai Hulud malware.

New Sandia Lab breakthrough could boost quantum computing

A team of Sandia National Labs scientists have found a new way to speed up downloads and quantum information transmission by ...

Popular Forge library gets fix for signature verification bypass flaw

A vulnerability in the 'node-forge' package, a popular JavaScript cryptography library, could be exploited to bypass ...
The Dispatch–Argus

Norlin Mommsen to run for reelection to Iowa House District 70

Mommsen represents House District 70, which covers parts of Clinton, Jackson and Scott counties, including DeWitt, Maquoketa ...