45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage

GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies

GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

You Didn’t Get Phished — You Onboarded the Attacker

Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems.
"Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers," Sonatype researcher Ax Sharma said. "However, [...] the latest

Headline

Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts

The Hacker News: Latest News