FinanceFeeds

Shai Hulud Malware Hits 400+ JavaScript Packages in Major NPM Supply-Chain Attack

Charlie Eriksen, a researcher at Aikido, identified the infected libraries and confirmed each detection manually to minimize ...

NPM supply-chain attack compromises major ENS and crypto libraries

A researcher reported that more than 400 NPM libraries, including a cluster of ENS-linked crypto packages, were breached by ...

ClickFix attack uses fake Windows Update screen to push malware

New ClickFix attack variants have been observed where threat actors trick users with a realistic-looking Windows Update ...
Crypto News

Massive NPM Supply-Chain Attack Targets ENS-Linked Libraries in Shai Hulud Breach

Shai-Hulud malware infiltrates 490 NPM packages, stealing API keys and credentials from ENS and major crypto development ...

Google exposes BadAudio malware used in APT24 espionage campaigns

China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage ...
The Hacker News

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

ClickFix has become hugely successful as it relies on a simple yet effective method, which is to entice a user into infecting ...
SecurityWeek

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks

A Chinese threat actor tracked as APT24 has been observed employing multiple techniques to deploy BadAudio malware ...
The Hacker News

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

APT24 and Autumn Dragon launch multi-year espionage campaigns using BADAUDIO, supply chain attacks, and new CVE-2025-8088 ...

Merino header earns Arsenal point at 10-man Chelsea

Makeshift striker Mikel Merino scores a crucial equaliser against 10-man Chelsea as Arsenal move five points clear at the top ...

Foden scores injury-time winner as Man City see off Leeds fightback

Follow live text commentary, score updates and match stats from Manchester City vs Leeds United in the Premier League ...
Hit Points on MSN

Google Tells 2 Billion Chrome Users to Restart Now Or Face ‘Wild Attacks’

On November 17, 2025, a critical security flaw in Google Chrome’s V8 JavaScript engine sent shockwaves through the digital world. Hackers began exploiting the vulnerability before Google could release ...