News

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
decrypt4h

Researchers Uncover Undetectable Malware Draining Crypto Browser Wallets

ModStealer spreads through fake recruiter ads using obfuscated code ... and other chains. “If your funds sit in a software wallet or on an exchange, you’re one code execution away from losing ...

New open-source tool from Permiso uncovers dangerous inbox rule blind spots

The new tool seeks to deal with what research from Permisso dubs “Inboxfuscation.” It’s a Unicode-based evasion technique that can create malicious rules invisible to traditional monitoring systems, ...
CSO Online21h

AI prompt injection gets real — with macros the latest hidden threat

Attackers are evolving their malware delivery tactics by weaponing malicious prompts embedded in document macros to hack AI ...