ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

CISA orders feds to patch DarkSword iOS flaws exploited attacks

CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit.
InfoWorld

First look: Electrobun for TypeScript-powered desktop apps

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s ...
BeInCrypto

Ocean Network Wants to Turn Idle GPUs Into a Global Pay-Per-Use Compute Market

Ocean Network links idle GPUs with AI workloads through a decentralized compute market and editor-based orchestration tools.
Cryptopolitan on MSN

GhostClaw targets developers to extract crypto wallet access

A new malware dubbed GhostClaw is targeting crypto wallets on macOS machines. The fake OpenClaw installer captures private ...
The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and ...

"CanisterWorm" supply chain malware attacks npm

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...
Biometric Update

Aura breach and AI companion app flaws sharpen privacy fears

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.