The Hacker News

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

Kaspersky says attackers are using fake WhatsApp document attachments to run VBScript malware and install ManageEngine RMM ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
InfoWorld

Protocol Buffers schemas expose remote code execution risk

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

Trump appeals to keep name on Kennedy Center as judge's deadline nears

The president's move to appeal comes after a judge ruled that Trump's name had been added to the iconic DC building illegally ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

New malware attack exploits WhatsApp desktop and web users, report reveals

Recent research by Kaspersky reveals that malware campaigns are targeting WhatsApp, including its web and desktop versions, ...

Florida Bank of Finance files application to open

Florida Bank of Finance filed a new bank application with the Federal Deposit Insurance Corp. on April 16.

Microsoft discovers new lightweight backdoor that steals cryptocurrency

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...

Pam Bondi admits to 'redaction errors' in Epstein files, blames successor

WASHINGTON – Former Attorney General Pam Bondi admitted the Department of Justice made "redaction errors" in the Epstein ...
The Next Web

Microsoft finds USB worm that steals cryptocurrency through clipboard hijacking and Tor

Microsoft discovered a self-spreading USB worm active since February that monitors clipboards for crypto wallets and routes stolen data through Tor.

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...