SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Iran's World Cup team lands in Mexico amid US visa row

All of Iran's group games are in the US, but players and support staff will have to fly in and out of the country on match ...
Tech Times

Cloudflare Buys VoidZero: Vite’s 130M Weekly Users Get a New Vendor-Neutrality Pledge

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...
Supply Chain Management Review

How I vibe-coded an S&OP app in 30 hours

I built the test company in about 10 hours and the app itself in roughly 30—all through conversation with an AI, no ...
The Hacker News

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Operation FlutterBridge is a macOS malvertising campaign spreading FlutterShell, a Flutter-based backdoor with adware ...

Trump seeking edits to US-Iran deal, US media report

The requested changes are related to the Strait of Hormuz and the removal of highly enriched uranium, according to US media.
LGBTQ Nation

Ghana’s Parliament to host conference about how LGBTQ+ rights are against African “cultural values”

Family Watch International is one U.S. organization "behind the African faces" pushing a Christian nationalist agenda.
eWeek

AI App Builders Cheat Sheet: Best No-Code, Full-Stack, and Mobile App Tools

Compare top AI app builders for prototyping, mobile apps, internal tools, backend depth, security, pricing, and code ...
SecurityWeek

Chrome 148 Update Patches Critical Vulnerabilities

Google has released a Chrome 148 update that resolves 79 vulnerabilities, including 14 critical-severity security defects.
Dark Reading

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

A known Belarussian cyber-espionage group is back with a threat campaign against targets in Eastern Europe that uses spear-phishing to deliver malicious payloads to Eastern European government and ...
manilatimes

Belarus-aligned FrostyNeighbor attacks Ukrainian government, again - ESET Research discovers

FrostyNeighbor, a long-running cyberespionage actor apparently aligned with the interests of Belarus, has been active recently in campaigns targeting governmental organizations in Ukraine. This latest ...
Bleeping Computer

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...