The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
SecurityWeek

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.

Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.
CSOonline

Microsoft disrupts malware code-signing service used by ransomware gangs

Cybercriminals paid between $5,000 and $9,000 to make their malware harder to detect on Windows, highlighting its effectiveness and a shift in how the cybercrime market operates. Microsoft has ...
MacRumors

Apple Project Files Allegedly Stolen in Foxconn Ransomware Attack

Apple supplier Foxconn has confirmed a cyberattack on several of its U.S. factories, after a ransomware group claimed to have stolen confidential Apple project files as part of the hack. The Nitrogen ...
Cult of Mac

Ransomware gang claims theft of Apple files in Foxconn attack

Foxconn, a critical supplier for major hardware companies including Apple and Nvidia, confirmed Tuesday that a cyberattack struck its North American operations. And the group behind the attack claims ...
Fox News

Banking tech data breach exposes 672K in ransomware attack

If you've ever trusted your bank to keep your financial data safe, this incident will hit close to home. A behind-the-scenes tech company used by banks has revealed that more than 672,000 people had ...
Bleeping Computer

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor. Researchers at ...
Infosecurity-magazine.com

Ransomware Payments Decline 8% as Attacks Surge 50%

Ransomware actors are extorting bigger payments from a smaller number of victims, as the number of those victims surges but overall revenues fall, according to Chainalysis. The blockchain analytics ...
Game Rant

All Go Up For Brainrots Codes in Fortnite

Nathan Round, part of GameRant's talented Game Guides Team, is the leading voice for Call of Duty guides. From meta loadouts to the best weapons for each season, he takes pride in crafting top-notch ...
Computer Weekly

Qilin crew continues to dominate ransomware ecosystem

Qilin, the ransomware gang behind a crippling 2024 cyber attack on a major NHS supplier partner, maintained its status as “top dog” in the ransomware ecosystem during January 2026, accounting for ...