Forwarded from The Hacker News
🚨 A new kind of npm malware just dropped—and it infects other packages.
Two rogue packages—ethers-provider2 and ethers-providerz—silently patched the legit ethers library to deploy a reverse shell.
Uninstalling won’t help. The malicious code persists, waiting to reinfect when ethers is reinstalled. Even deleted files don’t stop it.
đź”— Learn more: https://thehackernews.com/2025/03/malicious-npm-package-modifies-local.html
Two rogue packages—ethers-provider2 and ethers-providerz—silently patched the legit ethers library to deploy a reverse shell.
Uninstalling won’t help. The malicious code persists, waiting to reinfect when ethers is reinstalled. Even deleted files don’t stop it.
đź”— Learn more: https://thehackernews.com/2025/03/malicious-npm-package-modifies-local.html
Forwarded from The Hacker News
Cyber Strikes & Security Insights: Join Vanta at an RSA Happy Hour
Going to RSA? Join Vanta and CISO Series host David Spark for a night of networking, bowling, and games at Lucky Strike’s Einstein Room.
Whether you’re looking to connect with fellow cybersecurity pros, kick off your RSA week with fun, or just see who can throw the best (or worst) strike, this is the place to be.
âś“ Mix and mingle with top security professionals
âś“ Bowl a few frames (or just cheer from the sidelines)
âś“ Enjoy food, drinks, and great conversations
âś“ Get insights on the latest in cybersecurity
Space is limited, so grab your spot now: https://thn.news/lucky-security-community-s
Going to RSA? Join Vanta and CISO Series host David Spark for a night of networking, bowling, and games at Lucky Strike’s Einstein Room.
Whether you’re looking to connect with fellow cybersecurity pros, kick off your RSA week with fun, or just see who can throw the best (or worst) strike, this is the place to be.
âś“ Mix and mingle with top security professionals
âś“ Bowl a few frames (or just cheer from the sidelines)
âś“ Enjoy food, drinks, and great conversations
âś“ Get insights on the latest in cybersecurity
Space is limited, so grab your spot now: https://thn.news/lucky-security-community-s
Forwarded from The Hacker News
🥊 A good defense isn’t built in silence—it’s battle-tested.
Most orgs test their cyber defenses once a year—maybe twice. That’s like a boxer only sparring before a title fight. Gaps grow. Intuition dulls. Defenses drift.
Real resilience requires pressure. Continuous, automated pentesting simulates real attacks—frequently and affordably.
🔥 Your next test shouldn't be the real breach.
Automate, simulate, adapt. Learn how → https://thehackernews.com/2025/03/sparring-in-cyber-ring-using-automated.html
Most orgs test their cyber defenses once a year—maybe twice. That’s like a boxer only sparring before a title fight. Gaps grow. Intuition dulls. Defenses drift.
Real resilience requires pressure. Continuous, automated pentesting simulates real attacks—frequently and affordably.
🔥 Your next test shouldn't be the real breach.
Automate, simulate, adapt. Learn how → https://thehackernews.com/2025/03/sparring-in-cyber-ring-using-automated.html
Forwarded from The Hacker News
🚨RedCurl, the Russian-speaking group—long known for espionage—has deployed ransomware for the first time.
đź‘€ Their new strain: QWCrypt
🧠Tactic: Fake CVs + legit Adobe tools = full system compromise
No leak site. No clear motive. Just chaos.
Details: https://thehackernews.com/2025/03/redcurl-shifts-from-espionage-to.html
đź‘€ Their new strain: QWCrypt
🧠Tactic: Fake CVs + legit Adobe tools = full system compromise
No leak site. No clear motive. Just chaos.
Details: https://thehackernews.com/2025/03/redcurl-shifts-from-espionage-to.html
Forwarded from The Hacker News
👀 Running an unpatched Windows system? You’re a target.
Hackers are exploiting CVE-2025-26633: EncryptHub hijacks Windows MMC with a stealthy .msc file swap via MUIPath, loading malware like Rhadamanthys and StealC through a fake “en-US” folder.
🧪 Trend Micro calls it "MSC EvilTwin."
Read: https://thehackernews.com/2025/03/encrypthub-exploits-windows-zero-day-to.html
Patch now. Share widely.
Hackers are exploiting CVE-2025-26633: EncryptHub hijacks Windows MMC with a stealthy .msc file swap via MUIPath, loading malware like Rhadamanthys and StealC through a fake “en-US” folder.
🧪 Trend Micro calls it "MSC EvilTwin."
Read: https://thehackernews.com/2025/03/encrypthub-exploits-windows-zero-day-to.html
Patch now. Share widely.
Forwarded from The Hacker News
Catch Cloud Threats Before They Catch You!
Contain emerging threats in real time - before they impact your business. Learn how cloud detection and response (CDR) gives security teams the edge they need in this practical, no-nonsense guide.
Download now → https://thn.news/cloud-detection-dummies-2
Contain emerging threats in real time - before they impact your business. Learn how cloud detection and response (CDR) gives security teams the edge they need in this practical, no-nonsense guide.
Download now → https://thn.news/cloud-detection-dummies-2
Forwarded from The Hacker News
🚨 New Chinese cyber attack spotted.
FamousSparrow breached a U.S. trade group + Mexican institute using new, modular malware: SparrowDoor + ShadowPad (first use).
▶️ Targets ran outdated Exchange + Windows Server. ▶️ Backdoor includes spying, keylogging, screenshots, file theft.
📰 Full story → https://thehackernews.com/2025/03/new-sparrowdoor-backdoor-variants-found.html
FamousSparrow breached a U.S. trade group + Mexican institute using new, modular malware: SparrowDoor + ShadowPad (first use).
▶️ Targets ran outdated Exchange + Windows Server. ▶️ Backdoor includes spying, keylogging, screenshots, file theft.
📰 Full story → https://thehackernews.com/2025/03/new-sparrowdoor-backdoor-variants-found.html
Forwarded from Gizchina.com
Motorola Moto G56 5G Undergoes Performance Testing!
https://www.gizchina.com/2025/03/26/motorola-moto-g56-5g-undergoes-performance-testing/
https://www.gizchina.com/2025/03/26/motorola-moto-g56-5g-undergoes-performance-testing/
Forwarded from Hacker News
Mozilla
Firefox: About Your Rights
Forwarded from Hacker News
GitHub
GitHub - deepseek-ai/3FS: A high-performance distributed file system designed to address the challenges of AI training and inference…
A high-performance distributed file system designed to address the challenges of AI training and inference workloads. - GitHub - deepseek-ai/3FS: A high-performance distributed file system design...
Forwarded from Hacker News
Torrentfreak
Spotify's Beta Used 'Pirate' MP3 Files, Some From Pirate Bay * TorrentFreak
Spotify is often credited as the music service most in tune with the 'pirate' mentality, having converted millions of former file-sharers in recent years. Interestingly, according to writer and researcher Rasmus Fleischer, a decade ago the site actually populated…
Forwarded from Hacker News
Matt's internet home
Accessing region-locked iOS features, such as EU app stores
The European Union's Digital Markets Act obligates Apple to provide certain features to iOS users in the EU, such as third party app stores. I live in the US and was able to develop a relatively-straightforward method to spoof your location on iOS and access…
Forwarded from Hacker News
connect.mozilla.org
Information about the New Terms of Use and Updated Privacy Notice for Firefox
For the first time, we’re introducing a Terms of Use for Firefox, alongside an updated Privacy Notice. Earlier today, we published a blog post explaining why we’re making this change and what it means for you. Now, we want to hear from you. We’re committed…
Forwarded from Hacker News
X (formerly Twitter)
The Lunduke Journal (@LundukeJournal) on X
Mozilla has just deleted the following:
“Does Firefox sell your personal data?”
“Nope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. That’s a promise. "
https://t.co/OVAJnuHp7x
“Does Firefox sell your personal data?”
“Nope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. That’s a promise. "
https://t.co/OVAJnuHp7x
Forwarded from Hacker News