New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation ...

4 teens charged with murder in shooting death of 16-year-old at Robeson County party, deputies say

ROBESON COUNTY, N.C. (WBTW) — Four teenagers are facing multiple charges, including first-degree murder, after a 16-year-old ...
FOX 2 Detroit on MSN

Suspects charged in 2024 murder of Fenton man inside abandoned Detroit school

Investigators say that the victim was led inside the former school in the 13100 block of Wildemere Street in Detroit.
WeLiveSecurity

Sednit reloaded: Back in the trenches

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.