Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

New macOS ClickFix attack silently mounts DMGs to push infostealer

A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
EUROCONTROL

Retrospective on the ANS industry’s response to the COVID-19 crisis

This is a standalone report based on the analysis developed in the latest ATM Cost-Effectiveness (ACE) Benchmarking Report.
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Computerworld

Industry

Apple’s AI plans show promise, but proof of success still to come — analysts Apple is promising AI today, not tomorrow — so how is the tech industry reacting to Monday’s keynote announcements? With a ...
Dark Reading

Application Security

Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
GitHub

A-poc/RedTeam-Tools

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
GitHub

Sehab121/awesome-openclaw-skills-CN

gitload - Download files, folders, or entire repos from GitHub URLs glab-cli - Interact with GitLab using the glab. god-mode - Developer oversight and AI agent coaching. moltbillboard - MoltBillboard ...