Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

NHS came close to collapse during Covid and patients were failed, inquiry finds

NHS collapse was only “narrowly avoided” due to efforts of staff who put themselves at exceptional risk, the inquiry says.
Cybernews

Hundreds of code repos falling like dominoes, infected by new wave of self-replicating malware

A massive, self-replicating GlassWorm supply-chain attack has compromised hundreds of code repositories and extensions on ...

This is Microsoft’s plan to fix Windows 11

Windows 11 will start with a first batch of improvements, followed by much broader changes throughout the rest of the year. The initial changes will start being previewed througho ...

The UK’s meningitis outbreak and the grim legacy of Covid

MenB vaccination rates have been falling in parts of England, particularly in London and other big cities such as Manchester. Completed MenB immunisation among one-year-olds is as low as 61 per cent ...

VoidStealer malware steals Chrome master key via debugger trick

An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and ...

Fake Google security page can turn your browser into a spying tool

Security researchers say a phishing scam impersonates Google to install malware that steals 2FA codes, tracks location and ...

New ‘Perseus’ Android malware checks user notes for secrets

A new Android malware called Perseus is checking user-curated notes to steal sensitive information, like passwords, recovery ...
CSO Online

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
Microsoft

When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures

During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including ...

Google Shakes Up Its Browser Agent Team Amid OpenClaw Craze

As Silicon Valley obsesses over a new wave of AI coding agents, Google and other AI labs are shifting their bets.
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...