Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

After CBSE admits gaps in OSM, teen hacker reacts with Honey Singh's 'Dope Shope' meme

Nisarga Adhikary, a 19-year-old hacker who claimed to have found critical vulnerabilities and data security lapses in Central ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...