Bleeping Computer

Supply chain attack hits npm package with 45,000 weekly downloads

An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system. The 'rand-user-agent' ...
The Hacker News

New Android Banking Trojan "Klopatra" Uses Hidden VNC to Control Infected Smartphones

Italian fraud prevention firm Cleafy, which discovered the sophisticated malware and remote access trojan (RAT) in late ...
Ars Technica

Google’s Android and Chrome extensions are a very sad place. Here’s why

No wonder Google is having trouble keeping up with policing its app store. Since Monday, researchers have reported that hundreds of Android apps and Chrome extensions with millions of installs from ...