Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a ...
financefeeds

Hackers explotan biblioteca JavaScript para implementar drenadores de billeteras criptográficas

Los hackers tienen Explotado a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on criptomoneda platforms. The React team released a patch on ...
financefeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers have exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on cryptocurrency platforms. The React team released a patch on ...
CoinTelegraph

Hackers are exploiting a JavaScript library to plant crypto drainers

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...
bitnewsbot

New JS#SMUGGLER Campaign Distributes NetSupport RAT Malware

Cybersecurity researchers have identified a new malware campaign called JS#SMUGGLER that spreads the remote access trojan NetSupport RAT via compromised websites. The campaign uses several steps: ...
coincentral

Crypto Copilot Extension Exposed for Secretly Draining Solana Wallets

Crypto Copilot stole SOL through hidden swap instructions in user wallets. Malicious extension rerouted tiny amounts per trade undetected for months. Experts warn high-volume Solana traders faced ...
SiliconANGLE

Black Duck introduces AI model scanning to tackle hidden and obfuscated AI components

Application security solutions provider Black Duck Software Inc. today announced the that it has added artificial intelligence model risk scanning to its Software Composition Analysis platform. The ...
u

North Korean Malware Hits Ethereum and BSC Wallets: Details

North Korea-linked hackers install crypto-stealing malware as part of a new campaign. According to a recent report by cybersecurity firm Cisco Talos, hackers linked to North Korea delivered malicious ...
Ripple

Crypto News Today: Crypto Credentials Are Being Stolen via GitHub by Astaroth Trojan

GitHub is used by hackers to steal crypto credentials through phishing and covert keylogging attacks with the Astaroth Banking Trojan. Theft of crypto credentials has acquired a new twist. The Hackers ...
coincentral

ModStealer Malware Targets Cryptocurrency Users and Spreads via Fake Job Ads

ModStealer malware targets cryptocurrency wallets and is undetected by antivirus tools. ModStealer spreads via fake recruiter ads and steals data from 56 browser wallet extensions. The malware ...