The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.
The Hacker News

⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.