InfoWorld

Chainguard offers malware-resistant JavaScript libraries

Responding to recent NPM malware attacks, Chainguard Libraries for JavaScript seeks to address security vulnerabilities in ...

How AI is making it easier to design new toxins without being detected

Artificial intelligence can design toxic proteins that escape biosecurity cracks, sparking concerns over potential misuse.
ADTmag

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a self-replicating worm infiltrated the npm registry and compromised more than 180 ...
Techopedia

Types of Malware in 2025: What Tactics Do Hackers Use Most?

Discover the types of malware in 2025, from backdoors to ransomware, and learn which families hackers use most in real-world attacks.

This new phishing kit turns PDF files into malware - here's how to stay safe

A new PDF phishing kit is being sold on the dark web, promising customers advanced features, a simple interface, and ...

AI-based attacks: Navigating the modern arms race in U.S. cybersecurity

All industries and companies, regardless of entity size, should consider ways to prepare for an AI-based attack and safeguard ...
Cyber Daily

Hiding in plain sight: How one Akira affiliate is masking its malicious activity

Akira’s ransomware-as-a-service operation has been highly active in seeking out Australian targets – here’s what network ...
CSO Online

That innocent PDF is now a Trojan Horse for Gmail attacks

Researchers at security company Varonis have uncovered a crafty new Gmail phishing attack that not only masquerades as a PDF ...

New MatrixPDF toolkit turns PDFs into phishing and malware lures

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into ...
MediaNama

Why CERT-In Is Warning Startups and IT Companies About Dune-Inspired Malware ‘Shai-Hulud’

CERT-In has issued an advisory warning of Shai-Hulud malware that targets JavaScript’s Node Package Manager (npm) ecosystem ...

One line of malicious npm code led to massive Postmark email heist

It appears, however, that the developer took the legitimate code from the Postmark MCP server's GitHub repository, added the ...
The Hacker News

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

The campaign has been codenamed EvilAI by Trend Micro, describing the attackers behind the operation as "highly capable" owing to their ability to blur the line between authentic and deceptive ...