New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally

Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025

New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users

Empower Users and Protect Against GenAI Data Loss

Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam

Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware.
The malware, introduced via a change to "lib/commonjs/index.js," allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1

Headline

New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally

The Hacker News: Latest News