资讯

The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

New Malware Exploits Fake Job Ads to Hit Crypto Wallets on Windows, Mac, Linux

A newly discovered cross-platform malware dubbed ModStealer is slipping past antivirus systems and targeting crypto wallets ...
Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

Telestream Expands Vantage Ecosystem to Empower Distributed Media Organizations with Modern ...

New integrations with Mimir, Iconik, Embrace, and Broadteam enhance interoperability and streamline workflows. Telestream to ...