The Hacker News

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Fortinet warns Stealit malware uses Node.js SEA and fake installers to deliver stealers, RATs, and persistence.

From infostealer to full RAT: dissecting the PureRAT attack chain

Researchers map a campaign that escalated from a Python infostealer to a full PureRAT backdoor — loaders, evasions, and ...
GitHub

[Feature] create shell shims even for .exe (WSL)

Right now any scoop applications that use .cmd or .ps1 files to start get a shell shim (without extension) so things work with Cygwin and WSL. That works great.