The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
ProPublica

ProPublica — Investigative Journalism and News in the Public Interest

Lawmakers gave specific orders to Trump officials on foreign aid spending, but officials have refused to follow many of them — likely in violation of the law, experts say. In doing so, they’re ...