SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

API Key Leak Exposes AWS, Stripe, OpenAI Credentials Across Thousands of Sites

Researchers found thousands of exposed API keys across 10 million webpages, including AWS, Stripe, and OpenAI credentials ...

Bubble AI app builder abused to steal Microsoft account credentials

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...
Hoodline

Fake CAPTCHA Scam Tricks Windows Users Into Installing Password-Snatching Malware

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.
Infosecurity Magazine

Phantom Project Bundles Infostealer, Crypter and RAT For Sale

A .NET-based infostealer sold as part of a commercial cybercrime toolkit that bundles a stealer, crypter and remote access ...
CSO Online

Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service

Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be ...

ChatGPT Features That Will Turn You Into An AI Pro

ChatGPT is an AI chatbot developed by OpenAI that generates human-like text responses through natural language processing. It ...
Indianapolis Business Journal

Iran conflict raises cyberattack risk, experts say

International conflicts in the physical world can lead to a spike in cyberattacks — both on government entities and on ...
Morning Overview on MSN

Study finds thousands of sites exposed API keys and other credentials

Researchers scanning 10 million webpages have found that nearly 10,000 pages contained live API credentials left in plain ...

Huge numbers of web stores are facing attack from dangerous new malware

Hackers are actively using PolyShell against major brands and other ecommerce sites.
WinBuzzer

Claude Code Source Leak Exposes Anti-Distillation Traps

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and scaffolding for an unreleased agent.