North Korea-linked actors behind Contagious Interview published 108 malicious packages across npm, Packagist, Go, and Chrome extensions by compromising legitimate maintainer accounts in the ongoing PolinRider campaign.
The Hacker News
· 22h ago
· Read full article →
A U.S. government entity paid approximately $1 million to extortion group Kairos after data theft, with blockchain analysis and leaked negotiation logs confirming the payment.
The Hacker News
· 20h ago
· Read full article →
Researchers documented JadePuffer as the first ransomware operation where a large language model agent autonomously executed the entire attack chain without human operator intervention.
BleepingComputer
· 19h ago
· Read full article →
Apple's Hide My Email relay service exposed real user email addresses under certain conditions, while an alleged Scattered Spider member was extradited in a separate development. The Apple flaw undermines a privacy feature marketed to high-risk users, eroding trust in a key iCloud+ anonymization tool.
Wired Security
· 23h ago
· Read full article →
๐ดโโ ๏ธ Scattered Spider ยท Multi-national