AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
PhillyVoice

Mayor Parker proposes new taxes on Uber rides and Amazon deliveries to raise money for schools and road repairs

Her budget plan also adds 1,000 homeless shelter beds, maintains two SEPTA fare programs and steers $211 million in opioid ...

'Everybody hates you': Mother, her boyfriend forced 11-year-old boy to repeatedly write sentences saying 'you're not a loved child,' cops say

A mom and her boyfriend from Illinois are in jail after they allegedly subjected her 11-year-old son to years-long abuse including forcing him to write sentences such as "you're not a loved child." ...