The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
CNX Software

M5MonsterC5 hacking tool adds ESP32-C5 and 5 GHz Wi-Fi 6 support to M5Stack Cardputer ADV and Tab5

Developed by Laboratorium in Poland, the M5MonsterC5 is an ESP32-C5-based “Marauder” hacking tool designed to work with M5Stack Cardputer ADV or M5Stack Tab5. It gets connected to the Cardputer ADV or ...
Wired

Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking

Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers. Today, security researchers at Belgium’s KU ...