The Hacker News

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...

Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

Hacker arrested for KMSAuto malware campaign with 2.8 million downloads

A Lithuanian national has been arrested for his alleged involvement in infecting 2.8 million systems with clipboard-stealing ...
SecurityWeek

Infostealer Malware Delivered in EmEditor Supply Chain Attack

The text and code editing tool EmEditor was targeted in a supply chain attack that resulted in the distribution of ...

Security Bite: A note on the growing problem of Apple-notarized malware on macOS

Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and ...
The Hacker News

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.