The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

Trump says ‘there will likely be more’ US deaths as Iran strikes to continue until ‘all’ goals achieved

Three American service members have been killed and casualties are reported in the UAE, Israel and Kuwait as Israel and Iran ...

Why are UK military bases being used in Iran conflict?

The US is likely to use RAF Fairford as one of its bases for "defensive" strikes on Iranian missile sites, the BBC ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The Caledonian-Record

'Severe blow' dealt to Iran command centres: latest developments

Israel's army said the joint attacks carried out with the United States had dealt a severe blow to Iran's command and control ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
The Caledonian-Record

US announces destruction of Iranian force's HQ, first US deaths

The United States said Sunday it had destroyed the headquarters of Iran's powerful Revolutionary Guard force but also ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

Video appears to show US F-15 fighter jet crashing in Kuwait

Kuwait's ministry of defence confirmed "several American fighter aircraft came down this morning", with crews "unscathed".

Wright State tapped for U.S. Space Command academic engagement program

Students and faculty at one of the region’s largest universities will gain hands-on experience through a selective U.S. Space Command collaboration. Here's what the work will entail. #dayton #wrightst ...