The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
CSO Online

Security lapse lets researchers view React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

New CrystalRAT malware adds RAT, stealer and prankware features

A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

For Screenwriters, the Craft Has Always Required a Village: A New Retreat Company Is Building One

WASHINGTON, DC, UNITED STATES, March 30, 2026 /EINPresswire.com/ -- A creative writing retreat company founded by a ...

SecureIQLab SOCx Platform Adds AI Security Validation Across Four Methodologies

SecureIQLab today announced that its SOCx AI-Driven Cloud Security Validation Platform has integrated AI Security CyberRisk Validation as its fourth active methodology, joining Advanced Cloud ...
PharmaTimes

DNA Script signs SYNTAX distribution agreements with Gencell, BMS and Biostream

DNA Script has signed distribution agreements with Gencell, Bio-Medical Science (BMS) and Biostream, expanding global access to its SYNTAX platform. Providing automated, in-house and on demand ...