AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
The Hacker News

Claude Code Security and Magecart: Getting the Threat Model Right

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at runtime.
The Hacker News

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.
InfoWorld

Software Development

Longtime favorite for web development falls to 30th in the Tiobe index of language popularity. ‘There is no need for Ruby anymore.’ Python has many powerful applications as a “meta-language” or a code ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
WinBuzzer

Fake Claude Code Pages Spread Malware to Developers via Google Ads

A malvertising campaign has spread fake Claude Code install pages through Google Ads, delivering the Amatera infostealer to ...