The Hacker News

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...

Dangerous npm packages are targeting developer credentials on Windows, Linux and Mac - here ...

Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
MUO on MSN

Microsoft’s Windows Terminal update quietly made it incredible

Right-clicking a tab in the Windows Terminal now brings up an actual context menu with options for splitting, moving, zooming ...
XDA Developers on MSN

Kali Linux is my favorite Linux distro to play around with

Kali Linux was one of the earliest distros I’ve played with, and it has only gotten better with time. While it’s not a ...

Protect a Lifetime of Data with 20TB of Encrypted Cloud Storage for $400

Get a 20TB Internxt Cloud Storage Lifetime Subscription for $399.97 while it’s available to new users. StackSocial prices ...
CSO Online

Typo hackers sneak cross-platform credential stealer into 10 npm packages

The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
The Hacker News

ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New ...

Threat actors refine tactics with DNS attacks, new RATs, and Rust-based malware. Stay ahead with this week’s top ThreatsDay ...
Developer Tech

Malware campaign on npm steals AWS, GCP, and Azure cloud keys

An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.