New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Cryptopolitan on MSN

IronWorm malware plants rootkit in Arweave ecosystem npm libraries

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
MSN on MSN

CISA ordered agencies to patch the actively exploited MongoBleed flaw before attackers spread

Federal agencies that rely on MongoDB now face a hard deadline to fix a vulnerability that lets unauthenticated attackers read sensitive data straight from server memory. The Cybersecurity and ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Spectrum News NY1

Ex-congressman, sex offender Anthony Weiner files papers for City Council run

Former Rep. Anthony Weiner is starting to plan a political comeback, filing paperwork with the city’s Campaign Finance Board to run for a City Council seat on Manhattan’s Lower East Side. Weiner went ...