The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...
Que.com on MSN

China-linked hackers deploy PeckBirdy JavaScript C2 framework since 2023

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors ...

Anura Stops AI-Assisted SIVT Threat That Bypasses JavaScript-Based Fraud Detection Solutions

Anura identified and successfully mitigated a new form of Sophisticated Invalid Traffic (SIVT) that uses artificial ...
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...

Boston real estate exec, philanthropist Kevin Phelan honored for 50 years of Boys & Girls Club service

Kevin Phelan's five decades of service to the Boys & Girls Clubs of Boston will be recognized at the organization's annual benefit dinner, marking the first time an individual has received this honor ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
InfoWorld

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...

How ‘& Juliet’ Became an Against-the-Odds Hit on Broadway

During a tough time for new musicals, the Shakespearian-inspired jukebox hit "& Juliet" is celebrating its third anniversary ...
Queerty

Queer desire becomes the ultimate horror in Sundance’s most terrifying LGBTQ+ breakout hit Leviticus

In the wake of 'Heated Rivalry's' success, could this frightening flick be the first unapologetically queer horror to become ...

Burnout results when we fail to control these 10 characters at war within ourselves

Amanda Goetz says each of those aspects of ourself, including the CEO, the caregiver and the explorer, is like a separate ...