Malicious NPM packages fetch infostealer for Windows, Linux, macOS

Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
The Hacker News

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
Infosecurity Magazine

PHP Servers and IoT Devices Face Growing Cyber-Attack Risks

A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new ...