The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
TechAnnouncer

Your Ultimate Guide: A Comprehensive Cloud Computing Tutorial for Beginners

Getting an AWS certification is like getting a badge that says you know your stuff. It can really help your career. For ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Google GWS CLI Brings Full Workspace Access to AI Agents

Google Workspace CLI adds cross-app command control with pre-built skills; setup needs Google Cloud APIs and an OAuth client in one project.
PolitiFact

Social media feeds are awash with Iran war misinformation. Here’s how to identify false imagery

Tal Hagin, an open-source intelligence analyst based in Israel, compiles misinformation and shares his findings on X daily. He said he’s seen people recycling footage of Iranian missile strikes in ...