Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them

The updated SHub stealer variant is called Reaper, and it uses macOS Script Editor, pre-populated with the malicious payload ...
The Hacker News

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.
The Caledonian-Record

Enveric Biosciences Expands IP Portfolio with New U.S. Patent Issued for Methods of Treating Psychiatric Disorders

Enveric Biosciences (NASDAQ: ENVB) (“Enveric” or the “Company”), a biotechnology company advancing novel neuroplastogenic small-molecule therapeutics to address psychiatric and neurological disorders, ...
CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...

Major Canadian online privacy company plans to leave country if lawful access bill passes

A Canadian company providing online privacy and security tools says it would leave the country over a federal bill that could ...
TMCnet

Belarus-aligned FrostyNeighbor attacks Ukrainian government, again - ESET Research discovers

This latest ESET Research report documents new activity observed that started in March 2026, showing continued evolution of tooling and compromise chains. The group primarily targets governmental, ...
Dark Reading

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

A known Belarussian cyber-espionage group is back with a threat campaign against targets in Eastern Europe that uses spear-phishing to deliver malicious payloads to Eastern European government and ...
Tom's Hardware on MSN

Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials

Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link ...

9 reasons Firefox is better (and worse) than Google Chrome

Chrome is the undisputed champion of the web browser game, and for good reason. Firefox competes by offering certain ...
cybernews

Race to tear down open source: copycats reusing TeamPCP’s code in NPM attacks

Copycat hackers are competing to win $1,000 for the largest supply chain attack using Shai-Hulud, an open-sourced worm that has brought down a few major open-source projects. Malicious NPM packages ...