The Hacker News

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
IEEE

Efficient Classification of Malicious URLs: M-BERT—A Modified BERT Variant for Enhanced ...

Abstract: Malicious websites present a substantial threat to the security and privacy of individuals using the internet. Traditional approaches for identifying these malicious sites have struggled to ...
GitHub

szefer-piotr/ara_demo

A Python script that builds BioRxiv search URLs manually by mimicking their internal search structure. This approach works around the limitations of their official API by generating search URLs that ...
IEEE

BESA: Boosting Encoder Stealing Attack With Perturbation Recovery

Abstract: To boost the encoder stealing attack under the perturbation-based defense that hinders the attack performance, we propose a boosting encoder stealing attack with perturbation recovery named ...
BBC

Children's books pulled over explicit weblink

A series of children's books has been pulled from school library shelves after a web address printed in the back was found to link to explicit content. The Spy Dog, Spy Pups and Spy Cat books by Derby ...
Cleveland

Fake Amazon URLs surge during Prime Big Deal Days

CLEVELAND — Shoppers are gearing up for Amazon's Prime Big Deal Days, but cybersecurity experts are warning about a surge in online scams targeting bargain hunters. According to Check Point, more than ...
Bleeping Computer

CommetJacking attack tricks Comet browser into stealing emails

A new attack called 'CometJacking' exploits URL parameters to pass to Perplexity's Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and ...