JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
June 19, 2026 update: Microsoft assesses with high confidence that this activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. The ...
The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are becoming a new software supply chain attack vector. A malicious Hugging ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...
Thanks to @tmccombs for the original CLI tool, you can see the original code of the CLI tool in below urls. hcl2Json Project Url: https://github.com/tmccombs/hcl2json ...
Hackers have adopted the new technique called 'FileFix' in Interlock ransomware attacks to drop a remote access trojan (RAT) on targeted systems. Interlock ransomware operations have increased over ...
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first ...
Learn how to leverage configuration files to customize PowerShell scripts, including language, formatting and display settings, in this conclusion to a three-part series. In the previous article in ...
Recently, I have been hard at work, creating some really complex PowerShell scripts related to a few projects that I have been working on. One of the big lessons that I have learned through all of ...