[HackerNews] Two NPM Packages With 22 Million Weekly Downloads Found Backdoored

In what’s yet another instance of supply chain attack targeting open-source software repositories, two popular NPM packages with cumulative weekly downloads of nearly 22 million were found to be compromised with malicious code by gaining unauthorized access to the respective developer’s accounts.
The two libraries in question are “coa,” a parser for command-line options, and “rc,” a

Source: Read More (The Hacker News)

You might be interested in …

[ZDNet] How does Surfshark work? How to set up & use the VPN

All posts, ZDNet

Surfshark is a popular VPN. Here’s everything you need to get it, install it, configure it, and use it successfully. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] Yanluowang Ransomware Targeting U.S. Financial Corporations

All posts, Security Week

Security researchers with Symantec believe that the Yanluowang ransomware is operated by a threat actor that was previously affiliated to the FiveHands group. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] Apple Delays Plans to Scan Devices for Child Abuse Images After Privacy Backlash

All posts, HackerNews

Apple is temporarily hitting the pause button on its┬ácontroversial plans┬áto screen users’ devices for child sexual abuse material (CSAM) after receiving sustained blowback over worries that the tool could be weaponized for mass surveillance and erode the privacy of users. “Based on feedback from customers, advocacy groups, researchers, and others, we have decided to take […]

Read More