‘TrapDoor’ malware targets crypto dev tools in supply chain attack

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

Stadium and hospitality workers demand better wages ahead of Houston World Cup events

Stadium and hospitality workers in Houston rally for higher wages and respect ahead of the World Cup, arguing rising product ...

Vancouver office landlords turn to show suites to stay competitive

Vancouver landlords still recovering from the effects of the pandemic are trying to lower vacancy rates by shifting their ...

Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them

A new infostealer variant targets macOS users by spoofing Apple, Microsoft, and Google and then then gets to work searching ...
Tech Times

Exchange Server OWA Zero-Day CVE-2026-42897 Exploited With No Permanent Patch and New Mitigation Gaps

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...
LGBTQ Nation

“Welcome to MAGA!” Pete Buttigieg’s replacement rages at Dem who questioned his corporate funding

Many people pointed out that Duffy, a former Fox personality married to Fox host Rachel Campos-Duffy, and other Fox ...

Military asks personnel in capital region to return field gear, citing ‘critical equipment shortages’

CAF members directed to hand in several pieces of personal kit if they are not assigned to a ‘deployable unit’ ...
DataBreachToday

Patched OpenClaw Flaws Let Hackers Hijack AI Agents

Four chainable flaws in OpenClaw allowed attackers to move from an initial foothold to persistent system-level compromise by ...
DATAQUEST

India's AI surge exposes software supply chain security gaps

India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...