The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
SecurityWeek

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of researchers and ...

Multimedia Plus Launches MMP AI Studio, Turning Product Content Into Training and E-Commerce Videos in Minutes

New platform eliminates video production bottlenecks, enabling brands to scale training and product content without ...
MUO on MSN

FileZilla kept getting worse, so I found this FTP client instead

My main FileZilla replacement is Cyberduck, and it’s been that way for several years now. It’s open source, available for ...
Infosecurity Magazine

STX RAT Targets Finance Sector With Advanced Stealth Tactics

STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery ...
The Hacker News

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns

UAT-10362 spear-phishing targets Taiwanese NGOs in October 2025, deploying LucidRook malware for data exfiltration and ...
China Daily

Alibaba spotlights useful AI at expo

Alibaba's decision to spotlight its AI strategy at the expo also reflects a broader policy upgrade linked to the development ...
MUO on MSN

I replaced Notepad++ with this lightweight editor and never looked back

Kate is what Notepad++ wishes it could be ...
GitHub

backup-to-ftp.rsc

# Saves both .backup and .rsc export, uploads to FTP, cleans up local files. # Schedule: daily at 20:00 via /system scheduler # 3. Create the schedule: /system ...
GitHub

vsftpd_debian_hardening_script.sh

# - For vsftpd, anonymous login is disabled by default. # - This script creates an *allowed userlist* so that FTP denies # any logins not listed in /etc/vsftpd.userlist. # Notes: # - Must be run with ...
Arabian Post

STX RAT deepens stealth malware risks

What makes the threat notable is the way it narrows the gap between a traditional RAT and an infostealer. Analysts found that STX RAT can give operators covert control of a victim machine through a ...

Fake Google Antigravity Installer Can Steal Accounts in Minutes

Fake Antigravity downloads are enabling fast account takeovers using hidden malware and stolen session cookies.