Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...
Cyber Daily

Pressing matter: A global WordPress ClickFix malware campaign is targeting Australian websites

Rapid7 researchers spot a malicious campaign aimed at harvesting credentials and digital wallets from Windows machines.