InfoWorld

From typos to takeovers: Inside the industrialization of npm supply chain attacks

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, credential-driven supply chain compromises — exploiting CI systems, ...
Enterprise Times

Securonix says Windows malware SHADOW#REACTOR drops Remcos RAT

Securonix has published a blog giving details of a new multi-stage Windows malware campaign it calls SHADOW#REACTOR. Its goal is to deploy the Remcos RAT ...