The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.
MUO on MSN

I asked Claude, ChatGPT, and Gemini to build a simulation, and one winner was obvious

The LLM race stopped being a close contest pretty quickly.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

One of Epstein’s Levers of Power: Access to Elite Private Schools

Jeffrey Epstein used his money and influence in the world of elite private schools to assist friends and acquaintances.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...