The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...

What's behind Cipher Digital stock rally: $810M debt offering meets BTC bounce

Cipher Digital (CIFR) plans $810M senior secured notes to fund Stingray data center, boost reserves and reimburse equity—see ...
The Next Web

Cipher Digital raises $810 million in junk bonds to build another Amazon data centre in Texas

Cipher Digital is selling $810M in high-yield bonds to fund its Stingray data centre in West Texas, leased to Amazon for 15 years, at a yield of 6.25%.

Cipher Digital Inc. Announces Proposed Offering of $810.0 Million of Senior Secured Notes

Cipher Digital Inc. (NASDAQ: CIFR) (“Cipher” or the “Company”) a leading developer, owner, and operator of industrial-scale data centers, today announced that its wholly-owned subsidiary, Stingray ...
InfoWorld

Protocol Buffers schemas expose remote code execution risk

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.
Dark Reading

Vulnerabilities & Threats

Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading ...