Infostealer for Windows, macOS and Linux found in ten packages on npm

The npm packages were available since July, have elaborately obfuscated malicious routines, and rely on a fake CAPTCHA to ...

Tray.ai Launches New Agent Gateway to Mitigate Shadow MCP Risk and Move Organizations to Managed and Approved MCP Tools

Gives IT power to develop approved MCP Tools on Tray with policies, permissions, versioning and compliance, then publish them ...
The Hacker News

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign

An attack campaign undertaken by a Vietnam-aligned hacking group known as OceanLotus (aka APT-Q-31) that delivers the Havoc post-exploitation framework in attacks targeting enterprises and government ...