The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...

AI Bots Are Now a Signifigant Source of Web Traffic

New data shows AI bots pushing deeper into the web, prompting publishers to roll out more aggressive defenses.

What's the Difference Between the 'Surface Web' and the 'Deep Web'?

Like the surface of the ocean, the surface web is just a fraction of the internet as a whole. Back in 2017, some estimates ...

Google Shut Down Its Dark Web Monitoring Tool, so Here's What to Use Instead

There are ways to watch for data dumps on the dark web that affect you, even though Google is shuttering its own service.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Panera Bread breach impacts 5.1 million accounts, not 14 million customers

The data breach notification service Have I Been Pwned says that a data breach at the U.S. food chain Panera Bread affected 5.1 million accounts, not 14 million customers as previously reported.
The Hacker News

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.