The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
InfoWorld

Claude Code is still vulnerable to an attack Anthropic has already fixed

The leak of Claude Code’s source is already having consequences for the tool’s security. Researchers have spotted a ...

What Teens Are Doing With Those Role-Playing Chatbots

Harassing bots with “funny violence.” Confiding about a broken heart. Chatting with a block of cheese. Filling a void of ...