5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
WeLiveSecurity

DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception

ESET researchers reveal how malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers.
The Hacker News

⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More

Explore emerging attack methods, evolving AI-driven threats, supply chain risks, and strategies to strengthen defenses and ...

North Korea's Lazarus Group shares its malware with IT work scammers

North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools ...

How to keep your money safe from hackers

From what makes a good password to the strongest two-factor authentication methods, here are tips on how to avoid becoming a ...
The Hacker News

North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers

North Korea’s Contagious Interview spreads AkdoorTea and TsunamiKit to steal crypto and infiltrate global developers.
Bitdefender

Patch Your Browser! Google Addresses a Newly Exploited Security Flaw in Chrome’s V8 Engine

Google is rolling out updated versions of Chrome to the masses, signaling that attackers are exploiting a newly discovered ...
InfoWorld

VS Code 1.104 emphasizes AI model selection, agent security

The latest update to Microsoft’s code editor previews an automatic model selection capability and improvements to agent ...

New Malware Exploits Fake Job Ads to Hit Crypto Wallets on Windows, Mac, Linux

A newly discovered cross-platform malware dubbed ModStealer is slipping past antivirus systems and targeting crypto wallets on Windows, macOS, and Linux, according to researchers at Apple device ...

Undetectable Malware Targeting Crypto Wallet Data Of Job Seekers: Report

An infostealer particularly focused on stealing cryptocurrency wallet data from macOS, Windows and Linux users has been ...

Chainguard launches trusted collection of verified JavaScript libraries

Chainguard Libraries for JavaScript include builds that are malware-resistant and built from source on SLSA L2 infrastructure ...