The Hacker News

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
The Hacker News

Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack

Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according ...
The Hacker News

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

In response to the disclosure, AMD said it has no plans to provide mitigations since physical vector attacks are out of scope ...
The Hacker News

New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human

The findings comes as CYFIRMA detailed an advanced Android malware named GhostGrab that's capable of systematically ...
The Hacker News

Researchers Expose GhostCall and GhostHire: BlueNoroff's New Malware Chains

Victims of the GhostCall campaign span several infected macOS hosts located in Japan, Italy, France, Singapore, Turkey, Spain ...
The Hacker News

Why Early Threat Detection Is a Must for Long-Term Business Growth

Early detection turns cyber risk into business advantage with ANY.RUN’s live threat intelligence and instant context.
The Hacker News

Is Your Google Workspace as Secure as You Think it is?

Material Security transforms Google Workspace into a self-healing fortress—automating phishing defense, data control, and ...