The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
Security Boulevard

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document ...
Infosecurity Magazine

MacOS Native Tools Enable Stealthy Enterprise Attacks

A growing range of native macOS features are being repurposed by attackers to execute code, move laterally and evade ...
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.