Security
Thousands of Node developers compromised by malware in popular npm packages
Malware in the Node.js ecosystem is hiding in plain sight. Security researchers uncover npm packages with thousands of installs, delivering remote access trojans, infostealers, or backdoors. The largest one has over 45,000 weekly downloads.
Read more about Thousands of Node developers compromised by malware in popular npm packages
Profiled by the Defense Department: How hackers are groomed into assets
Greetings, user. If there’s one thing whispered in hacker circles in hushed, conspiratorial tones, it's who’s an informant and who isn’t. How do law enforcement and government agencies recruit hackers? What traits do they look for?
Read more about Profiled by the Defense Department: How hackers are groomed into assets
Over-65s might be more tech savvy than we thought
Over-65s are much more tech savvy than we once realized, as a new report reveals that this age group was much better at spotting ads and scam emails than their younger counterparts.
Read more about Over-65s might be more tech savvy than we thought
North Korean ‘IT worker scams’ take on female personas, expand to Europe, Japan
The North Korean hacker group Nickel Tapestry has found new ways to adapt its IT worker scams, including impersonating female applicants, and expanding its operations to target companies in Europe and Asia.
Read more about North Korean ‘IT worker scams’ take on female personas, expand to Europe, Japan
Elon Musk, Ronaldo, and Binance are the bait in Facebook’s latest scam
A malware campaign is tearing through Facebook’s ad network, hijacking the names of legit crypto brands and celebrities' faces to con users into downloading spyware.
Read more about Elon Musk, Ronaldo, and Binance are the bait in Facebook’s latest scam
Google adds scam-fighting AI to Chrome: will detect malicious websites
Google is adding an on-device artificial intelligence (AI) model to Chrome to fight scams. Gemini Nano, a large language model (LLM), will evaluate websites that users visit and alert if potential fraud is detected.
Read more about Google adds scam-fighting AI to Chrome: will detect malicious websites
Reddit just got catfished by AI – and now it’s policing humanity
Reddit was duped by artificial intelligence (AI) bots manipulating users. Now, it’s rolling out “prove you’re human” checks to protect its authenticity.
Read more about Reddit just got catfished by AI – and now it’s policing humanity
Crypto investor loses $0.5M to scammers, helps uncover industrial-scale crypto theft scheme
A massive “industrial-scale cryptocurrency phishing operation” has been uncovered involving tens of thousands of lure pages, SEO manipulation, abuse of legitimate services, and victims with massive losses.
Read more about Crypto investor loses $0.5M to scammers, helps uncover industrial-scale crypto theft scheme
Malwarebytes iOS app to start blocking Google ads directly on Safari
Malwarebytes announced that its iOS app will start blocking Google’s sponsored ads directly on the Safari browser.
Read more about Malwarebytes iOS app to start blocking Google ads directly on Safari
Novel scam spoofs CNN and impersonates Apple within one ad on X
Scammers on X (former Twitter) are running ads luring users with a fake “iToken” product. The new scam abuses the Apple brand, spoofs a landing page URL to show CNN, but ultimately leads users to a malicious website with a faux Tim Cook peddling a non-existent token.
Read more about Novel scam spoofs CNN and impersonates Apple within one ad on X
Your old router is likely to hide cybercriminals – FBI urges replacing it
The FBI warns that hackers abuse old router models to proxy their attacks and hide their tracks. Thirteen vulnerable end-of-life Linksys models were listed as an easy target for cybercriminals.
Read more about Your old router is likely to hide cybercriminals – FBI urges replacing it
Paws off my data: iOS cat game leak exposes 450K users
The iOS game left nearly half a million users exposed to hackers who could track them, hijack their Facebook accounts, or even weaponize the app’s own backend.
Read more about Paws off my data: iOS cat game leak exposes 450K users
Analysis of AI tools: 84% breached, 51% facing credential theft
AI productivity tools may be silently hemorrhaging company data, with nearly 90% experiencing breaches according to a new report.
Read more about Analysis of AI tools: 84% breached, 51% facing credential theft
Are your AI tools secure? New analysis reveals gaps among market leaders
Even 58% of large language models (LLM) users have tried two or more different LLMs, and worldwide companies are rapidly adopting them to streamline operations, create content, and assist employees. However, the new Cybernews Business Digital Index analysis reveals that many AI tools used in the workplace may not be as secure as businesses assume, posing risks to sensitive corporate data and brand reputation.
Read more about Are your AI tools secure? New analysis reveals gaps among market leaders
Apple macOS had a looming vulnerability that could let attackers in
A now-patched security flaw in Apple macOS could have allowed attackers to execute arbitrary code, leading to a compromise, according to Trend Micro Zero Day Initiative (ZDI).
Read more about Apple macOS had a looming vulnerability that could let attackers in
REAL ID is 'giant bullseye for every hacker in the world,' security expert warns
With the May 7th REAL ID deadline finally here, security experts are warning that the new federally standardized identification is really (no pun intended) a “giant bullseye for every hacker in the world.”
Read more about REAL ID is 'giant bullseye for every hacker in the world,' security expert warns
Can a data leak steal the papal conclave 2025?
As the papal conclave begins and cardinals enter total lockdown to choose the next pope, the Vatican’s centuries-old secrecy faces a modern test. In a world of spyware, deepfakes, and digital espionage, could the unhackable actually be hacked?
Read more about Can a data leak steal the papal conclave 2025?
Tulsi Gabbard’s leaked password is used by thousands of people
Tulsi Gabbard, the current US Director of National Intelligence, reused the same weak password across multiple personal accounts over several years, according to leaked records reviewed by Wired. Over 200,000 users rely on almost the same password to this day, Cybernews data reveals.
Read more about Tulsi Gabbard’s leaked password is used by thousands of people
