NPM package caught using QR Code to fetch cookie-stealing malware

Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this ...
Bitdefender

Patch Your Browser! Google Addresses a Newly Exploited Security Flaw in Chrome’s V8 Engine

Google is rolling out updated versions of Chrome to the masses, signaling that attackers are exploiting a newly discovered ...
Infosecurity Magazine

npm Package Uses QR Code Steganography to Steal Credentials

A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a ...
The Hacker News

ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks

ComicForm phishing since April 2025 targets Belarus, Kazakhstan, Russia using Formbook malware, evading Microsoft Defender.
The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.
Make Tech Easier

Can This Terminal-Based Browser Be Your Daily Browser?

w3m is a terminal-based browser that works well for distraction-free reading but falls short as a modern browser replacement.
Security Boulevard

Trojan Horse Virus: Understanding, Detecting, and Defending with Seceon

The Trojan Horse Virus is one of the most deceptive forms of malware. Just like the Greek myth of soldiers hiding in a wooden horse to invade Troy, Trojan malware disguises itself as harmless files or ...