The Hacker News

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
Infosecurity Magazine

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...
Cybernews

The 2025 npm worm that shook the software supply chain

As a worm spread through hundreds of npm packages in 2025, it didn't exploit a vulnerability – it exploited the architecture.

LinkedIn Attack Alert — 1.2 Billion Users Must Watch For Red Flags

If you are one of the 1.2 billion registered users of the LinkedIn professional social network platform, pay attention to ...
Cybernews

New Shai-Hulud 3.0 variant discovered, closing out 2025 with a malware bang

A new strain of the Shai Hulud worm is discovered by researchers, signaling the self-propagating supply chain threat ...

Page 2: The winner's podium: ranks 3 to 1

Security topics take the top spots by a clear margin: in software development, it's supply chain incidents that make life ...
Windows LatestOpinion

JavaScript creator warns against “rushed web UX over native” as Windows 11 leans harder on WebView2 and Electron

JavaScript creator says rushed web UX causes bloat and points to WebView2/Electron as Windows 11’s bigger problem.