The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...
InfoWorld

The first building blocks of an agentic Windows OS

Microsoft rolls out Model Context Protocol support in Windows ML, providing tools to build agentic Windows applications that ...
techAU on MSN

Hands-on with Google Antigravity: The IDE that changes how we code forever

I’ve spent the better part of the last decade using different developer tools, from lightweight text editors to full-blown integrated development environments. Usually, the improvements are ...
The Washington Post

How every House member voted to release the Epstein files

Warning: This graphic requires JavaScript. Please enable JavaScript for the best experience. The House voted 427-1 in support of a measure to release files related to ...

A weekend ‘vibe code’ hack by Andrej Karpathy quietly sketches the missing layer of ...

Andrej Karpathy’s weekend “vibe code” LLM Council project shows how a simple multi‑model AI hack can become a blueprint for ...
PC-Tablet

Critical React Vulnerability Exposes 39 Percent of Cloud Environments to Attacks

New data shows 39 percent of cloud environments have a max-severity React security hole. Experts say exploitation is imminent ...
Infosecurity Magazine

New Shai-Hulud Worm Spells Trouble For npm Users

A new version of the Shai-Hulud worm has infected hundreds of npm packages and caused disruption to global CI/CD workflows ...
How-To Geek on MSN

NPM packages are infected with malware, again

Shai Hulud v2 infected 500+ npm packages (700+ versions) and spilled into Java/Maven — yikes. Compromised packages run a preinstall loader that downloads Bun and executes a 10MB obfuscated payload ...
The Hacker News

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean actors deployed 197 new npm packages delivering evolved OtterCookie and GolangGhost malware through fake ...
Security Boulevard

FAQ About Sha1-Hulud 2.0: The “Second Coming” of the npm Supply-Chain Campaign

Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to ...