New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish ...
News-Press NOW

Seemplicity Introduces Seema for Conversational Exposure Intelligence

Seemplicity today announced the launch of Seema, an AI-powered conversational assistant that makes it easier for cybersecurity teams to gain clarity on their exposure management posture. Seema is ...
Telegram

Worcester picks longtime RI official as health and human services commissioner

WORCESTER – The city announced it has hired Seema Dixit to be its next commissioner of health and human services, following Dr. Matilde Castiel's retirement in September. According to a press release, ...
Bleeping Computer

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. The activity has been ongoing since at ...