Security
Headlines
HeadlinesLatestCVEs

Source

HackRead

Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems

Malicious npm packages found with hidden endpoints that wipe systems on command. Devs warned to check dependencies for express-api-sync, system-health-sync-api.

HackRead
Open in Source
#windows#nodejs#intel#backdoor
Limited Canva Creator Data Exposed Via AI Chatbot Database

A Chroma database operated by Russian AI chatbot startup My Jedai was found exposed online, leaking survey responses…

Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS

SentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and…

New PathWiper Malware Strikes Ukraine’s Critical Infrastructure

Cisco Talos discovers PathWiper, a destructive new malware targeting critical infrastructure in Ukraine, highlighting ongoing cyber threats amidst the Russia-Ukraine conflict.

Litecoin Security: How to Spot, Avoid, and Recover from Crypto Scams

It seems not a day goes by without news of another crypto scam targeting unsuspecting holders. Those owning…

Hackers Using Fake IT Support Calls to Breach Corporate Systems, Google

A financially motivated group of hackers known as UNC6040 is using a simple but effective tactic to breach…

Over 20 Malicious Apps on Google Play Target Users for Seed Phrases

Over 20 malicious apps on Google Play are stealing crypto seed phrases by posing as trusted wallets and exchanges, putting users' funds at risk.

Popular Chrome Extensions Found Leaking Data via Unencrypted Connections

Popular Chrome extensions exposed user data by sending it over unencrypted HTTP, raising privacy concerns. Symantec urges caution for users.

NICKNAME: Zero-Click iMessage Exploit Targeted Key Figures in US, EU

iVerify’s NICKNAME discovery reveals a zero-click iMessage flaw exploited in targeted attacks on US & EU high-value individuals…