New Mac malware goes straight for developer keys

Two newly discovered macOS threats are designed to harvest developer credentials and cloud access as attackers focus on ...
SecurityWeek

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention

Used in attacks against energy and utilities organizations, Lotus Wiper can overwrite drivers, delete files, and cripple ...
The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Kyber ransomware gang toys with post-quantum encryption on Windows

A new Kyber ransomware operation is targeting Windows systems and VMware ESXi endpoints in recent attacks, with one variant ...