The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Pakistan-aligned APT36 and SideCopy target Indian defense and government entities using phishing-delivered RAT malware across Windows and Linux system ...
Opinion
PCMag on MSNOpinion

I Tried the Flipper Zero for Fun and Ended Up Hacking Everything in My Home

It looks like a cute little dolphin-themed toy, but don't be fooled—the Flipper Zero is a surprisingly powerful learning tool for hacking, and if you're not careful, it can get you into some very ...

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.

How Jeffrey Epstein Manipulated Google Search To Bury His Past

Using a mix of search engine experts and “hackers,” Epstein sought to promote his philanthropy so he could bury negative news ...

Once-hobbled Lumma Stealer is back with lures that are hard to resist

The FBI and an international coalition of its counterparts took action early last year. In May, they said they seized 2,300 domains, command-and-control infrastructure, and crime marketplaces that had ...
PCMag on MSN

Fake Version of Popular Archiver Site Is Distributing Malware, Taking Over PCs

Watch what you type. The real 7-Zip uses a .org domain, but a .com version is distributing a Trojan, according to antivirus provider Malwarebytes.