RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

Why CTEM is the Winning Bet for CISOs in 2025

Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards

⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More

Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities.
The packages in question are listed below -

node-telegram-utils (132 downloads)
node-telegram-bots-api (82 downloads)
node-telegram-util (73 downloads)


According to supply chain

Headline

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems

The Hacker News: Latest News