The Hacker News

Over 46,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul ...
PCQuest on MSN

GootLoader Returns with Sneaky Font Trick to Spread Malware Again

The cybercriminals behind GootLoader malware have launched another campaign that employs misleading font rendering to trick users into downloading malware. Security experts caution that this renewed ...
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...