The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The Hacker News

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant

Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Fair Observer

The Indian Subcontinent’s Hindu-Muslim Divide

We rely on your support for our independence, diversity and quality. Fair Observer is a 501(c)(3) independent nonprofit. We are not owned by billionaires or controlled by advertisers. We publish ...
LinkedIn

Expo SDK 56 Kotlin Compiler Plugin Boosts Performance

The new plugin uses the Kotlin K2 compiler API. Instead of adding new files, it modifies the existing code during the build process. It targets two main bottlenecks: 1. Type Information: The plugin ...
GitHub

xushanpei/open-file-viewer

Open File Viewer 是一个面向现代 Web 产品的文件预览 SDK。它把 PDF、Office、图片、音视频、压缩包、邮件、图纸、3D、GIS ...
GitHub

SSShooter/mind-elixir-core

Mind elixir is a open source JavaScript mind map core. You can use it with any frontend framework you like.