Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

After CBSE Admits Gaps In OSM, Teen Hacker Reacts With Honey Singh's 'Dope Shope' Meme

Nisarga Adhikary, a 19-year-old hacker who claimed to have found critical vulnerabilities and data security lapses in Central Board of Secondary Education’s (CBSE) On-Screen Marking (OSM) process to ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...