News

The Hacker News

TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks

RevengeHotels used AI-generated phishing scripts to deploy Venom RAT in Brazil hotels in 2025, stealing travelers’ credit ...

Apple Releases Safari Technology Preview 228 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March ...

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

Clever advertising scam with Android apps busted after all

A new scam to covertly retrieve advertising surprises security researchers. Google had to delete over 200 apps from the Play ...

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...
Infosecurity Magazine

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...

Google nukes 224 Android malware apps behind massive ad fraud campaign

A massive Android ad fraud operation dubbed "SlopAds" was disrupted after 224 malicious applications on Google Play were used ...
Yahoo Malaysia

CrowdStrike Infested With "Self-Replicating Worms"

A year after a glitch at cybersecurity company CrowdStrike triggered a global computer outage affecting millions of computers ...
CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...
TMCnet

HUMAN Disrupts Sophisticated Mobile App Fraud Scheme SlopAds

NEW YORK, Sept. 16, 2025 (GLOBE NEWSWIRE) -- HUMAN Security, Inc., a leading cybersecurity company committed to enabling trusted interactions and transactions across humans, bots, and AI agents, today ...