SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
CSO Online

Internet Explorer may be dead, but its ghost still runs malware

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...
InfoQ

TanStack Details Sophisticated npm Supply Chain Attack That Compromised 42 Packages

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...

Pembroke Pines pet store franchisee files Chapter 11 with $3 million-plus in debt

A South Florida pet retailer filed for Chapter 11 bankruptcy while seeking to restructure more than $3 million in debt tied ...

Owner of 105 rental properties in Miami-Dade and Broward files Chapter 11

The bankruptcy filing came amid an ownership dispute.

Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings ...
cybernews

Supply chain hit once again: single NPM account pushes 600+ compromised packages, used by millions

Another massive supply chain attack is spreading. Hundreds of compromised NPM packages are being detected, with hackers using stolen secrets to create over 2,200 public GitHub repositories, all ...