The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
The Caledonian-Record

'This is me, very pretty': inside a Cambodian cyberscam site

Multilingual scripts, images of young women and timed toilet breaks: a police tour of a newly busted cyberscam operation in Cambodia on Wednesday revealed how fraudsters ensnare foreign victims online ...
Security Boulevard

What Is an Exposure Assessment Platform — And Why Your Website Is the Blind Spot

In November 2025, Gartner formalized a new security category — Exposure Assessment Platforms — evaluating 20 vendors on their ability to continuously identify and prioritize The post What Is an ...
The Hacker News

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft and cloud destruction.