The Hacker News

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, credential breadth, and fallback destructive behavior, making it one of the most ...
The Hacker News

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

RomCom just hit a US engineering firm via SocGholish for the first time, deploying Mythic Agent before defenders cut the ...
The Hacker News

Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools

Free webinar explains risks in community-run tools like Chocolatey and Winget and shows practical ways to secure updates.
The Hacker News

Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps

"Behind the interface, the extension injects an extra transfer into every Solana swap, siphoning a minimum of 0.0013 SOL or 0 ...
The Hacker News

When Your $2M Security Detection Fails: Can your SOC Save You?

Balanced SOC investment stops attacks detection tools miss, cutting false positives by 90% and improving threat response.
The Hacker News

FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams

FBI flags $262M in account-takeover losses while researchers track AI-boosted phishing, fake stores, and holiday scam domains.