资讯

Hackers are sneaking malware into SVG images to bypass antivirus - here's what we know

Hackers are sharing malicious SVG files which spoof real-life websites in order to trick victims into downloading damaging ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after ...
The Hacker News22 小时

GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms

GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...
InfoWorld16 小时

Groovy 5 expands Java and JDK support

Latest release of the JVM language also features hundreds of new and improved extension methods including 10x faster arrays.
Security Boulevard22 小时

APT37 Targets Windows with Rust Backdoor and Python Loader

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...
Krebs on Security14 小时

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...