The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
GitHub

Integrated powershell terminal keeps creating new lines after opened.

After opened the integrated powershell terminal, it will keep creating new lines (just like keep pressing ENTER button on keyboard). It will not stop until trashing the terminal. I don't really know ...