The Hacker News

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

davila7/claude-code-templates

Ready-to-use configurations for Anthropic's Claude Code. A comprehensive collection of AI agents, custom commands, settings, hooks, external integrations (MCPs), and project templates to enhance your ...
SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.

ASD releases Azul open-source malware analysis tool

Sample files for Azul are kept in a Simple Storage Service (S3) compatible binary large object (blob) store, and processed ...