The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...
Every

Now More Fun at Parties

Dan tested Codex 5.3 on Proof, a macOS markdown editor that he's been vibe coding that tracks the origin of every piece of text—whether it was written by a human or generated by AI—and lets users ...