The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
The Hacker News

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft and cloud destruction.
TechJuice

Hackers Exploit npm Supply Chain to Gain AWS Admin Access

Hackers exploited a compromised npm package to breach cloud systems and gain full AWS administrator access within 72 hours.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Los Angeles Chargers

Why Khalil Mack Chose the Chargers Again in Free Agency

The Chargers on Saturday agreed on a contract extension with Mack as the future Hall of Famer returns in free agency ...