CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...
WinBuzzer

Claude Code: Anthropic Blocks Unauthorized Claude ‘Harnesses’ and xAI Access in Major Crackdown

Anthropic has blocked third-party coding tools and rival xAI while releasing Claude Code 2.1.0 to secure its ecosystem ahead ...
Cryptopolitan

Cybersecurity researchers uncover fake Bitcoin npm packages that steal crypto wallets and seeds

Researchers at Zscaler ThreatLabz have found three malicious Bitcoin npm packages that are meant to implant malware named ...
Cybernews

Trust Wallet says browser extension compromise related to Sha1-Hulud incident led to $8.5m theft

Trust Wallet says that the $8.5 million hack is likely linked to the Sha1-Hulud incident, which exposed Developer GitHub ...

Trust Wallet links $8.5 million crypto theft to Shai-Hulud NPM attack

Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is ...
Security Boulevard

Best of 2025: CVE-2025-29927 – Understanding the Next.js Middleware Vulnerability

When security vulnerabilities appear in popular frameworks, they can affect thousands of websites overnight. That’s exactly what’s happening with a newly discovered vulnerability in Next.js – one of ...

New GlassWorm malware wave targets Macs with trojanized crypto wallets

A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver ...
ZDNet

Don't cancel your Netflix yet - I used these secret codes to unlock the full catalog for free

Follow ZDNET: Add us as a preferred source on Google. Netflix wasn't the first streaming platform, but it was the first to make video-on-demand mainstream. Fourteen years ago, as it phased out its ...