The Hacker News

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Cybersecurity researchers have disclosed details of what has been described as a "sustained and targeted" spear-phishing campaign that has published over two dozen packages to the npm registry to ...
CNN

US bans new foreign drone models in a blow to Chinese giant DJI

Chinese-made drones have dominated the skies in the United States for years, with private owners, police departments, and firefighters deploying them nationwide. But a new rule by the Federal ...
Bleeping Computer

Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. A fork of ...
The Hacker News

How to Browse the Web More Sustainably With a Green Browser

As the internet becomes an essential part of daily life, its environmental footprint continues to grow. Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy ...
GitHub

⏳ Time-Warp-Manipulation

Time-Warp-Manipulation is a powerful NPM package that allows you to manipulate time in your JavaScript or TypeScript applications. With this library you can freeze time, accelerate or decelerate time ...
Bleeping Computer

Microsoft 365 accounts targeted in wave of OAuth phishing attacks

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. Attackers trick victims into entering a device code on ...