资讯

The Hacker News11 分钟

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

August 2025 campaigns deliver kkRAT and Gh0st RAT variants via SEO poisoning, disabling antivirus to hijack crypto wallets.

For September, Patch Tuesday means fixes for Windows, Office and SQL Server

This month’s collection of fixes from Microsoft includes 86 patches — but at least there were no zero-day bugs.
Securities.io3 天

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

.NET 10 Release Candidate 1: Follow-up for Entity Framework Core

Microsoft ORM Mapper learns column types Vector and JSON in Microsoft SQL Server 2025. At the same time, there is a first ...
GitHub3 天

sylphxltd/pdf-reader-mcp

Empower your AI agents (like Cline) with the ability to securely read and extract information (text, metadata, page count) from PDF files within your project context using a single, flexible tool.
Security Boulevard5 天

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...