The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...
Infosecurity Magazine

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
The Hill

Live updates: Partial government shutdown ends as Trump signs funding package into law

President Trump on Tuesday signed a five-bill minibus and two-week continuing resolution to fund the Department of Homeland Security (DHS) into law, ending the partial government shutdown. Twenty-one ...
Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.
WTOC-TV

Lockdown lifted at Savannah Jewish Educational Alliance after suspicious package investigation

SAVANNAH, Ga. (WTOC) [UPDATE 3:45 P.M.] - A lockdown has been lifted at the Savannah Jewish Educational Alliance after police investigated a suspicious package outside the building Thursday. Around 11 ...
Roll Call

Trump signs major spending package while immigration talks continue

President Donald Trump signed into law a $1.2 trillion spending package Tuesday, ending a four-day-old partial government shutdown despite a lingering battle over immigration enforcement policies. The ...