FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks

Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks

Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms

New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit

Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning

Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems.
The list of identified packages is below -

@async-mutex/mutex, a typosquat of async-mute (npm)
dexscreener, which masquerades as a library for accessing liquidity pool

Headline

Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP

The Hacker News: Latest News