Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks

RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities

From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

[Webinar] Shadow AI Agents Multiply Fast —  Learn How to Detect and Control Them

Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets.
The attack has been detected in versions 1.95.6 and 1.95.7. Both these versions are no longer available for download from the npm

Headline

Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library

The Hacker News: Latest News