The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and data-stealing malware.

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants ...