The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

OpenClaw reveals meaty personal information after simple cracks

Skills marketplace is full of stuff - like API keys and credit card numbers - that crims will find tasty Another day, another ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...
Nextgov

CISA orders agencies to patch and replace end-of-life devices, citing active exploitation

The directive gives agencies three months to identify unsupported edge devices, a year to begin removing them and 18 months to eliminate them entirely.