News

Supply chain attack hits npm package with 45,000 weekly downloads
An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates ...
Malicious PyPi package hides RAT malware, targets Discord devs since 2022
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python ...
Tom's Guide29d
Hackers are using fake Google Play Store pages to infect Android phones with a dangerous trojan — how to stay safe
A new campaign is bringing back the troublesome SpyNote malware and this remote access trojan features a wide ... install buttons and code remnants – all familiar visual elements that are ...
Computing8y
Dimnie Trojan targeting open source developers publishing on Github
Trojan targeting developers steals passwords, exfiltrates files, takes screenshots and can even self-destruct when it has served its purpose Developers using Github, the free source-code hosting ...
The Hacker News2d
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
PyPI package 'discordpydebug' hides a RAT, downloaded 11,574 times, using stealthy HTTP polling to bypass defenses.