SecurityWeek

136 NPM Packages Delivering Infostealers Downloaded 100,000 Times

For the past four months, over 130 malicious NPM packages deploying information stealers have been collectively downloaded ...
The Hacker News

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign

An attack campaign undertaken by a Vietnam-aligned hacking group known as OceanLotus (aka APT-Q-31) that delivers the Havoc post-exploitation framework in attacks targeting enterprises and government ...
CSO Online

‘I am not a robot’: Russian hackers use fake CAPTCHA lures to deploy espionage tools

Researchers caution that the group’s rapid pivots and targeted filtering complicate detection and require behavior-based ...

Russian hackers evolve malware pushed in "I am not a robot" captchas

The Russian state-backed Star Blizzard hacker group has ramped up operations with new, constantly evolving malware families ...

North Korea Weaponizes Blockchain for Stealth Hacks, Poses as Job Recruiters

North Korean threat group Famous Chollima is using blockchain technology to hide malware payloads in smart contracts, which marks the first documented case of a nation-state actor adopting ...