The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
The Hacker News

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in ...
CSO Online

Software developers: Prime cyber targets and a rising risk vector for CISOs

From technical compromise to AI-driven attacks, cyber criminals increasingly see software developers as prime targets, creating systemic risks CISOs must address.

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Opinion

Prediction markets are the new open-source spycraft

Prediction markets turn US secrets into onchain signals. Crypto bets on tariffs and raids become foreign intelligence’s open-source spycraft goldmine.
ZDNet

10 open-source apps I recommend every Windows user download - for free

If Windows is your preferred operating system, consider these open-source apps. There are numerous open-source apps available for almost any task. These are all free to install and use on Windows.

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.
InfoWorld

JDK 26: The new features in Java 26

Java Development Kit (JDK) 26, a planned update to standard Java due March 17, 2026, has reached the initial release candidate (RC) stage. The RC is open for critical bug fixes, with the feature set ...