Dangerous npm packages are targeting developer credentials on Windows, Linux and Mac - here's what we know

Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
The Hacker News

New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

New SPLX research exposes “AI-targeted cloaking,” a simple hack that poisons ChatGPT’s reality and fuels misinformation.
Developer Tech

Malware campaign on npm steals AWS, GCP, and Azure cloud keys

An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.

Spoofed AI sidebars can trick Atlas, Comet users into dangerous actions

OpenAI's Atlas and Perplexity's Comet browsers are vulnerable to AI sidebar spoofing attacks that mislead users into ...

Biggest cybersecurity attack: 18.3 Crore passwords leaked online, including Gmail logins

While the recent data breach mostly involved passwords recycled from earlier breaches, many users have confirmed that their ...

Hackers steal Discord accounts with RedTiger-based infostealer

Attackers are using the open-source red-team tool RedTiger to build an infostealer that collects Discord account data and ...

Table of Experts: Protecting against fraud

The Business Journal of Milwaukee recently brought together a panel of experts to explain the differences between business ...

The cost of complacency: Navigating the high stakes of modern cybersecurity

Cybersecurity is a business imperative in today’s interconnected world. Here are three tips to help businesses better ...
The Hacker News

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...

Hackers Unleash Sinister RedTiger Tool To Hijack Discord Accounts And Infect Gaming PCs

Discord users will need to be extra vigilant as an open source tool is being used to attack users of the gamer-oriented communication platform.
AARP

Can You Refuse a Face Scan at the Airport?

The “camera” is a second-generation Credential Authentication Technology scanner (CAT-2), designed to quickly scan a traveler ...

AI browsers can be abused by malicious AI sidebar extensions: Report

What SquareX discovered are malicious extensions that can spoof the legitimate AI sidebars people use for queries. Their goal ...