A critical n8n flaw has been discovered - here's how to stay safe

The vulnerability was fixed in n8n version 1.111.0, with the addition of a task-runner-based native Python implementation ...
The Hacker News

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

Astaroth banking malware is spreading in Brazil through WhatsApp messages, using ZIP files to steal contacts and banking ...

Astaroth banking malware returns with WhatsApp-based worm targeting Brazil

Dubbed “Boto-Cor-de-Rosa,” the new campaign includes the addition of a WhatsApp web-based worm that allows the malware to spread itself by using a victim’s WhatsApp contacts versus previous Astaroth ...
The Register on MSN

Are criminals vibe coding malware? All signs point to yes

They also hallucinate when writing ransomware code Interview With everyone from would-be developers to six-year-old kids jumping on the vibe coding bandwagon, it shouldn't be surprising that criminals ...
Cryptopolitan on MSN

Cybersecurity researchers uncover fake Bitcoin npm packages that steal crypto wallets and seeds

Researchers at Zscaler ThreatLabz have found three malicious Bitcoin npm packages that are meant to implant malware named ...
The Hacker News

Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages

Security researchers found 3 npm packages that installed NodeCordRAT malware, stealing browser data, crypto wallet secrets & ...

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...