Infostealer for Windows, macOS and Linux found in ten packages on npm

The npm packages were available since July, have elaborately obfuscated malicious routines, and rely on a fake CAPTCHA to ...
The Hacker News

⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens

Active WSUS exploits, LockBit 5.0’s comeback, a Telegram backdoor, and F5’s hidden breach — this week’s biggest cyber threats ...
The Hacker News

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign

An attack campaign undertaken by a Vietnam-aligned hacking group known as OceanLotus (aka APT-Q-31) that delivers the Havoc post-exploitation framework in attacks targeting enterprises and government ...
PCQuest on MSN

Microsoft Teams Token Replay Attack: What Happened and Fixes

Learn how attackers abused Microsoft Teams tokens, how Microsoft fixed the flaw, and how defenders can detect, revoke, and ...