Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: mali Clear Filter

Malicious Rust packages on Crates.io steal crypto wallet keys

bleepingcomputer.com Unknown 2025-10-03 18:43:14

Two malicious packages with nearly 8,500 downloads in Rust's official crate repository scanned developers' systems to steal cryptocurrency private keys and other secrets. Rust crates are distributed through a central registry at Crates.io, the equivalent of npm for JavaScript, PyPI for Python, and Ruby Gems for Ruby. The malicious crates, named faster_log and async_println, were published on the platform on May 25 and were downloaded 7,200 and 1,200 times, respectively. Researchers at code se

Topics: crate crates malicious project socket
Read More
Shop Amazon

NPM package caught using QR Code to fetch cookie-stealing malware

bleepingcomputer.com Unknown 2025-10-09 06:42:14

Newly discovered npm package 'fezbox' employs QR codes to retrieve cookie-stealing malware from the threat actor's server. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a compromised machine. QR codes find yet another use case While 2D barcodes like QR codes have conventionally been designed for humans, to hold marketing content or share links, attackers have found a new purpose for

Topics: code codes malicious package qr
Read More
Shop Amazon

Hidden risk in Notion 3.0 AI agents: Web search tool abuse for data exfiltration

news.ycombinator.com Unknown 2025-10-11 13:49:37

AI Agents are increasingly getting integrated into SaaS platforms. Notion today announced that as part of their Notion 3.0 milestone they will be introducing AI Agents that can do everything you can in Notion—create docs, update databases, search across connected tools, and carry out multi-step workflows by planning and executing actions with MCP integrations. You can personalize or even build teams of Custom Agents that run on triggers or schedules, giving you autonomous assistants that continu

Topics: client data malicious notion web
Read More
Shop Amazon

CISA exposes malware kits deployed in Ivanti EPMM attacks

bleepingcomputer.com Unknown 2025-10-12 18:46:44

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). The flaws are an authentication bypass in EPMM’s API component (CVE-2025-4427) and a code injection vulnerability (CVE-2025-4428) that allows execution of arbitrary code. The two vulnerabilities affect the following Ivanti EPMM development branches and their earlier releases: 11.12.0.4, 12.3.0.1

Topics: cisa ivanti malicious malware threat
Read More
Shop Amazon

Tinycolor supply chain attack post-mortem

news.ycombinator.com Scott Cooper 2025-10-17 02:18:38

A malicious GitHub Actions workflow was pushed to a shared repo and exfiltrated a npm token with broad publish rights. The attacker then used that token to publish malicious versions of 20 packages, including @ctrl/tinycolor . My GitHub account, the @ctrl/tinycolor repository were not directly compromised. There was no phishing involved, and no malicious packages were installed on my machine and I already use pnpm to avoid unapproved postinstall scripts. There was no pull request involved becau

Topics: github malicious npm packages versions
Read More
Shop Amazon

Microsoft adds malicious link warnings to Teams private chats

bleepingcomputer.com Unknown 2025-10-26 02:21:23

Microsoft Teams will automatically alert users when they send or receive a private message containing links that are tagged as malicious. Microsoft will introduce these new warnings for messages containing URLs that have been flagged as spam, phishing, or malware, for all Microsoft Defender for Office 365 (MDO) and Microsoft Teams enterprise customers. The new link protection feature will begin rolling out with a public preview for desktop, Android, web, and iOS users in September 2025 and is

Topics: feature malicious message microsoft teams
Read More
Shop Amazon

Hackers left empty-handed after massive NPM supply-chain attack

bleepingcomputer.com Unknown 2025-10-28 10:56:15

The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but the attacker made little profit off it. The attack occurred earlier this week after maintainer Josh Junon (qix) fell for a password reset phishing lure and compromised multiple highly popular NPM packages, among them chalk and degub-js, that cumulatively have more than 2.6 billion weekly downloads. After gaining access to Junon’s account, the attackers pushed maliciou

Topics: attack cloud environments malicious packages
Read More
Shop Amazon

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

bleepingcomputer.com Unknown 2025-11-01 18:53:59

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys. The attack was discovered by GitGuardian researchers, who report that the first signs of compromise on one of the impacted projects, FastUUID, became evident on September 2, 2025. The attack involved leveraging compromised maintainer accounts to perform commits that added a malicious GitHub Actions workflow file that triggers automat

Topics: gitguardian github malicious secrets tokens
Read More
Shop Amazon

6 browser-based attacks all security teams should be ready for in 2025

bleepingcomputer.com Unknown 2025-11-07 15:01:11

What security teams need to know about the browser-based attack techniques that are the leading cause of breaches in 2025. “The browser is the new battleground.” “The browser is the new endpoint”. These are statements you’ll run into time and again as you read articles on websites like this one. But what does this actually mean from a security perspective? In this article, we’ll explore what security teams are trying to stop attackers from doing in the browser, breaking down what a “browser-b

Topics: attackers browser malicious phishing security
Read More
Shop Amazon

Threat actors abuse X’s Grok AI to spread malicious links

bleepingcomputer.com Unknown 2025-11-09 02:01:34

Threat actors are using Grok, X's built-in AI assistant, to bypass link posting restrictions that the platform introduced to reduce malicious advertising. As discovered by Guardio Labs' researcher Nati Tal, mavertisers often run sketchy video ads containing adult content baits and avoid including a link to the main body to avoid being blocked by X. Instead, they hide it in the small "From:" metadata field under the video card, which apparently isn't scanned by the social media platform for mal

Topics: grok instead link links malicious
Read More
Shop Amazon

Why you should delete your browser extensions right now - or do this to stay safe

zdnet.com Jack Wallen 2025-11-13 02:03:00

Elyse Betters Picaro / ZDNET Follow ZDNET: Add us as a preferred source on Google. ZDNET's key takeaways Malicious browser extensions are a widespread problem. Even vetted extensions can be dangerous. Here's what you should do to avoid issues. Koi Security investigated a single malicious extension used as a color picker and found it had infected 2.3 million users on Chrome and Edge. Cybernews reported in 2024 that more than 350 million people downloaded insecure browsers during a two-year

Topics: browser extension extensions malicious use
Read More
Shop Amazon

How RubyGems.org protects OSS infrastructure

news.ycombinator.com Marty Haught 2025-11-28 08:02:51

by Marty Haught Recently, Socket.dev published research highlighting malicious gems designed to steal social media credentials. We wanted to use this as an opportunity to share more about how RubyGems.org security operates, how we proactively handled this incident (and others), and the work our team is doing each day to keep the ecosystem safe. How We Detect Malicious Gems RubyGems.org security uses a proactive and multi-layered approach: 1. Automated detection: Every gem upload is analyzed

Topics: malicious org rubygems security team
Read More
Shop Amazon

Malicious Android apps with 19M installs removed from Google Play

bleepingcomputer.com Unknown 2025-11-29 05:37:22

Seventy-seven malicious Android apps with more than 19 million installs were delivering multiple malware families to Google Play users. This malware infiltration was discovered by Zscaler's ThreatLabs team while investigating a new infection wave with Anatsa (Tea Bot) banking trojan targeting Android devices. While most of the malicious apps (over 66%) included adware components, the most common Android malware was Joker, which researchers encountered in almost 25% of the analyzed apps. Once

Topics: anatsa apps google malicious malware
Read More
Shop Amazon

LLMs and coding agents are a security nightmare

news.ycombinator.com Gary Marcus 2025-12-13 14:04:34

Last October, I wrote an essay called “When it comes to security, LLMs are like Swiss cheese — and that’s going to cause huge problems” warning that “The more people use LLMs, the more trouble we are going to be in”. Until last week, when I went to Black Hat Las Vegas, I had no earthly idea how serious the problems were. There, I got to know Nathan Hamiel, a Senior Director of Research at Kudelski Security and the AI, ML, and Data Science track lead for Black Hat, and also sat in on a talk by tw

Topics: agents code coding llm malicious
Read More
Shop Amazon

LLMs and Coding Agents = Security Nightmare

news.ycombinator.com Gary Marcus 2025-12-14 02:04:34

Last October, I wrote an essay called “When it comes to security, LLMs are like Swiss cheese — and that’s going to cause huge problems” warning that “The more people use LLMs, the more trouble we are going to be in”. Until last week, when I went to Black Hat Las Vegas, I had no earthly idea how serious the problems were. There, I got to know Nathan Hamiel, a Senior Director of Research at Kudelski Security and the AI, ML, and Data Science track lead for Black Hat, and also sat in on a talk by tw

Topics: agents code coding llm malicious
Read More
Shop Amazon

DoubleAgents: Fine-Tuning LLMs for Covert Malicious Tool Calls

news.ycombinator.com Justin Albrethsen 2025-12-21 04:31:16

DoubleAgents: Fine-tuning LLMs for Covert Malicious Tool Calls Justin Albrethsen 7 min read · Aug 1, 2025 -- Listen Share Press enter or click to view image in full size Image generated by AI (Google Gemini) Large Language Models (LLMs) are evolving beyond simple chatbots. Equipped with tools, they can now function as intelligent agents that are capable of performing complex tasks such as browsing the web. However, with this ability comes a major challenge: trust. How can we verify the integri

Topics: fine llm llms malicious tool
Read More
Shop Amazon

60 malicious Ruby gems downloaded 275,000 times steal credentials

bleepingcomputer.com Unknown 2025-12-26 16:11:21

Sixty malicious Ruby gems containing credential-stealing code have been downloaded over 275,000 times since March 2023, targeting developer accounts. The malicious Ruby gems were discovered by Socket, which reports they targeted primarily South Korean users of automation tools for Instagram, TikTok, Twitter/X, Telegram, Naver, WordPress, and Kakao. RubyGems is the official package manager for the Ruby programming language, enabling the distribution, installation, and management of Ruby librari

Topics: gems malicious ruby socket tools
Read More
Shop Amazon

Fake WhatsApp developer libraries hide destructive data-wiping code

bleepingcomputer.com Unknown 2025-12-30 09:42:30

Two malicious NPM packages posing as WhatsApp development tools have been discovered deploying destructive data-wiping code that recursively deletes files on a developer's computers. Two malicious NPM packages currently available in the registry target WhatsApp developers with destructive data-wiping code. The packages, discovered by researchers at Socket, masquerade as WhatsApp socket libraries and were downloaded over 1,100 times since their publication last month. Despite Socket having fil

Topics: com github malicious packages socket
Read More
Shop Amazon

Wave of 150 crypto-draining extensions hits Firefox add-on store

bleepingcomputer.com Unknown 2025-12-31 12:00:00

A malicious campaign dubbed 'GreedyBear' has snuck onto the Mozilla add-ons store, targeting Firefox users with 150 malicious extensions and stealing an estimated $1,000,000 from unsuspecting victims. The campaign, discovered and documented by Koi Security, impersonates cryptocurrency wallet extensions from well-known platforms such as MetaMask, TronLink, and Rabby. These extensions are uploaded in a benign form initially, to be accepted by Firefox, and accumulate fake positive reviews. At a

Topics: add extensions koi malicious wallet
Read More
Shop Amazon

Attackers exploit link-wrapping services to steal Microsoft 365 logins

bleepingcomputer.com Unknown 2026-01-08 06:24:48

A threat actor has been abusing link wrapping services from reputed technology companies to mask malicious links leading to Microsoft 365 phishing pages that collect login credentials. The attacker exploited the URL security feature from cybersecurity company Proofpoint and cloud communications firm Intermedia in campaigns from June through July. Some email security services include a link wrapping feature that rewrites the URLs in the message to a trusted domain and passes them through a scan

Topics: email link malicious phishing wrapping
Read More
Shop Amazon

Inside a Real Clickfix Attack: How This Social Engineering Hack Unfolds

bleepingcomputer.com Unknown 2026-01-14 09:05:15

An inside look at a ClickFix campaign and a real-world attack, its next iteration (FileFix), and how to prevent it in its tracks, before device compromise. ClickFix: Silent Copying to Clipboard ClickFix, a deceptive social engineering tactic, is used by threat actors to manipulate unsuspecting users into unwittingly allowing a web page to silently populate the clipboard. Ultimately, the attacker is attempting to get a user to (unknowingly) execute malicious code, gathered from the browser and

Topics: browser clickfix clipboard malicious user
Read More
Shop Amazon

Google Pixels just got a welcome boost for PC emulation (Update)

androidauthority.com Unknown 2026-01-12 21:22:40

Update: July 31, 2025 (7:35 AM ET): GameSir has now come back to us with more details, confirming that the update for devices with Mali GPUs is available now. The company also says that Pixel phones are better than MediaTek-powered devices if you want to emulate PC titles: When it comes to simulating PC environments, if you have to choose a Mali device, Pixel phones are still your best option. They come with the latest GPU drivers and receive updates far more frequently than other smartphone b

Topics: devices mali pc phones pixel
Read More
Shop Amazon

Emulating PC games on your non-Snapdragon device just got better (Update)

androidauthority.com Unknown 2026-01-19 00:10:50

Hadlee Simons / Android Authority TL;DR GameSir has announced that its GameHub app now offers much better support for MediaTek chipsets with Mali GPUs. The company also revealed that it’s working with MediaTek to launch custom Mali GPU drivers. GameHub lets people play PC games on their Android phones without streaming. Update: July 29, 2025 (8:30 AM ET): GameSir’s representatives have now confirmed that Pixel phones will also benefit from these GameHub improvements. You can check out our ar

Topics: devices games mali pc support
Read More
Shop Amazon

Google Pixels just got a welcome boost for PC emulation

androidauthority.com Unknown 2026-01-20 09:22:40

Hadlee Simons / Android Authority TL;DR GameSir has confirmed that its GameHub PC emulator will also perform better on Google Pixel phones. This comes shortly after it announced performance improvements for devices with Mali graphics. The company hasn’t detailed which improvements will come to Pixel phones, but this is still good news for mobile gamers. Controller brand GameSir recently announced that its GameHub app for PC emulation offers much better support for devices with Mali GPUs. The

Topics: devices improvements mali phones pixel
Read More
Shop Amazon

Flaw in Gemini CLI AI coding assistant allowed stealthy code execution

bleepingcomputer.com Unknown 2026-01-21 18:40:44

A vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers' computers using allowlisted programs. The flaw was discovered and reported to Google by the security firm Tracebit on June 27, with the tech giant releasing a fix in version 0.1.14, which became available on July 25. Gemini CLI, first released on June 25, 2025, is a command-line interface tool developed by Google that enables developers to interact directly with

Topics: command gemini malicious tracebit user
Read More
Shop Amazon

Emulating PC games on your non-Snapdragon device just got better

androidauthority.com Unknown 2026-01-23 12:10:50

Hadlee Simons / Android Authority TL;DR GameSir has announced that its GameHub app now offers much better support for MediaTek chipsets with Mali GPUs. The company also revealed that it’s working with MediaTek to launch custom Mali GPU drivers. GameHub lets people play PC games on their Android phones without streaming. There are a few ways to natively play PC games on your phone without streaming, with Winlator and GameSir’s GameHub app being the most popular solutions. These apps tradition

Topics: devices gpus mali mediatek support
Read More
Shop Amazon

Best Minimalist Wallet for 2025 Tested By CNET Experts

cnet.com See Full Bio 2026-01-23 06:00:00

If you want specific materials then some wallets may not be suitable for you. The number of cards you need will determine the size and shape of your minimalist wallet. CNET staff -- not advertisers, partners or business interests -- determine how we review products and services. If you buy through our links, we may earn a commission. Are you still using a bulky wallet that's packed full of receipts from who knows when and looks like it's about to burst at the seams? If so, it may be time to u

Topics: cards minimalist money wallet wallets
Read More
Shop Amazon

Hackers breach Toptal GitHub account, publish malicious npm packages

bleepingcomputer.com Unknown 2026-01-28 04:26:04

Hackers compromised Toptal's GitHub organization account and used their access to publish ten malicious packages on the Node Package Manager (NPM) index. The packages included data-stealing code that collected GitHub authentication tokens and then wiped the victims' systems. Toptal is a freelance talent marketplace that connects companies with software developers, designers, and finance experts. The company also maintains internal developer tools and design systems, most notably Picasso, which

Topics: github malicious packages picasso toptal
Read More
Shop Amazon

Firefox-patch-bin, librewolf-fix-bin AUR packages contain malware

news.ycombinator.com Unknown 2026-02-07 04:48:48

On the 16th of July, at around 8pm UTC+2, a malicious AUR package was uploaded to the AUR. Two other malicious packages were uploaded by the same user a few hours later. These packages were installing a script coming from the same GitHub repository that was identified as a Remote Access Trojan (RAT). The affected malicious packages are: - librewolf-fix-bin - firefox-patch-bin - zen-browser-patched-bin The Arch Linux team addressed the issue as soon as they became aware of the situation. As of to

Topics: aur bin malicious packages uploaded
Read More
Shop Amazon

GitHub abused to distribute payloads on behalf of malware-as-a-service

arstechnica.com Unknown 2026-02-08 23:16:09

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to targets. The use of GitHub gave the malware-as-a-service (MaaS) a reliable and easy-to-use platform that’s greenlit in many enterprise networks that rely on the code repository for the software they develop. GitHub removed the three accounts that hosted the malicious payloads shortly after being notified

Topics: emmenhtal github malicious malware talos
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3975 apple 3250 new 2592 google 2193 content 1855
Popular
like 1626 company 1524 pro 1469 iphone 1303 app 1224 zdnet 1175 said 1174 data 1153 does 962 reviews 944
Emerging
editorial 923 amazon 921 game 905 samsung 826 phone 826 android 805 just 793 pixel 787 users 754 available 744
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]