SecurityWeek

Everest Forms Vulnerability Exploited to Hack WordPress Sites

Hackers have been exploiting a remote code execution vulnerability in the Everest Forms Pro plugin to take over WordPress ...

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

Webcam-hacking Minecraft malware is disguising itself as mods, and it's infected thousands of PCs

The malware, built to look like Minecraft launchers and mods, gives hackers access to your screen, files, webcam, accounts, ...
Dexerto

Malware hidden in Minecraft mods gave hackers webcam access to 116,000 players for $5

Someone built a Minecraft hacking business with a leaderboard, a suggestion box, and a free tier. It has 116,000 victims.

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

This Minecraft malware can spy through your webcam and steal your passwords: How to be safe

A new malware called WeedHack is targeting Minecraft players through fake mods and game clients, allowing hackers to steal ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...