The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
GitHub

Simple, Practical, Single-Server Private Information Retrieval for Keyword Queries

ChalametPIR allows a client to retrieve a specific value from a key-value database, stored on a server, without revealing the requested key to the server. It uses Binary Fuse Filters to encode ...
GitHub

Dynamics 365 Finance & Operations MCP Server

Production-ready Model Context Protocol (MCP) server that exposes the full capabilities of Microsoft Dynamics 365 Finance & Operations (D365 F&O) to AI assistants and other MCP-compatible tools. This ...