"CanisterWorm" supply chain malware attacks npm

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...
WinBuzzer

GhostClaw Fake OpenClaw Installer Steals macOS Dev Credentials

JFrog has uncovered GhostClaw, a fake OpenClaw npm package that stole Keychain passwords, cloud credentials, and crypto ...

I tested NordVPN's free scam checker against a real threat in my inbox - here's how it did

I tested NordVPN's free scam checker against a real threat in my inbox - here's how it did ...
The Hacker News

ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More

ThreatsDay roundup covering stealthy attacks, phishing trends, exploit chains, and rising security risks across the threat ...
CSO Online

Chrome ABE bypass discovered: New VoidStealer malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...

Chrome encryption bypass discovered: New malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...

Hackers exploit OpenClaw hype on GitHub to steal crypto funds

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...
The Hacker News

Claude Code Security and Magecart: Getting the Threat Model Right

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at ...

Users hate it, but age-check tech is coming. Here’s how it works.

Discord’s reversal followed a widespread user backlash, which also intensified scrutiny of the platform’s age-check partners.

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Bitcoin Magazine

Breez SDK Launches Passkey Login for Seedless Bitcoin Wallets

Breez SDK now supports Passkey Login, allowing developers to build self-custodial Bitcoin wallets without mandatory seed ...
PC Magazine

The Best Free Password Managers for 2026

I review privacy tools like hardware security keys, password managers, private messaging apps, and ad-blocking software. I also report on online scams and offer advice to families and individuals ...