News

The Hacker News7h

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...
The Hacker News4d

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.
Cryptopolitan on MSN4d

Brian Armstrong’s demanded Coinbase AI coding tool can be hijacked by new virus

Cybersecurity firm HiddenLayer uncovers a “CopyPasta License Attack” that exploits Coinbase’s favored AI coding tool, Cursor.

Hackers find new way to hide malware in Ethereum smart contracts

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.
InfoWorld4d

What makes JavaScript great

JavaScript’s low bar to entry has resulted in one of the richest programming language ecosystems in the world. This month’s ...
The Currency Analytics4d

Hackers Exploit Ethereum Smart Contracts to Conceal Malware

ReversingLabs reveals hackers using Ethereum Smart contracts in NPM packages to conceal malware URLs, bypass scans, and ...
Techrights2h

Links 09/09/2025: “Torrents of Hate” and Political Crisis in France

The 'Scattered Lapsus$ Hunters' group has taken credit for the cyberattack on JLR. The luxury brand, which the Tata Group ...
Security Boulevard4d

NYU Scientists Develop, ESET Detects First AI-Powered Ransomware

Scientists at NYU developed a ransomware prototype that uses LLMs to autonomously to plan, adapt, and execute ransomware attacks. ESET researchers, not knowing about the NYU project, apparently ...