JavaScript devs beware: this popular NPM package has been compromised by attackers

An extremely popular NPM package used in many JavaScript projects has been compromised and can wreak havoc on your machine if ...

DarkSword iOS exploit chain adopted by multiple threat actors: Report

Google Threat Intelligence Group (GTIG), Lookout Threat Labs, and iVerify published coordinated research in March 2026 on ...
Yahoo

In praise of Libby, the app that brings parts of Kansas libraries to life online

Add Yahoo as a preferred source to see more of our stories on Google. The Libby app offers broad access to ebooks and audiobooks through public libraries, writes our Friday columnist. (Illustration by ...
Redmond Magazine

Signed Malware Impersonating Workplace Apps Used To Deploy RMM Backdoors

Attackers distributed malware disguised as installers for Microsoft Teams, Zoom, Adobe Acrobat Reader and Google Meet -- all signed with an Extended Validation certificate to appear legitimate. The ...
TwinCities.com

State Department orders nonprofit libraries to stop processing passport applications

NORWICH, Conn. (AP) — The U.S. State Department has ordered certain public libraries nationwide to cease processing passport applications, disrupting a long-standing service that librarians say their ...
The Hacker News

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A security vulnerability has been disclosed in the popular binary-parser npm library that, if successfully exploited, could result in the execution of arbitrary JavaScript. The vulnerability, tracked ...