The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The Caledonian-Record

Nonprofits: Los Angeles schools need to do better following Carvalho's resignation

Superintendent Alberto Carvalho has resigned from the Los Angeles Unified School District, and education watchdogs are not sad to see him go.
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
GitHub

Minoan Claude Code Configuration

claude-code-minoan/ ├── skills/ # 97 custom skills across 5 categories │ ├── core-development/ # Architecture, task tracking, code search │ ├── integration-automation/ # Local ML, RAG, browser, ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Business Journals

Faster sales, more listings and higher prices define Central Ohio’s May housing report

To continue reading this content, please enable JavaScript in your browser settings and refresh this page. Preview this article 1 min The housing market began to heat ...
The Business Journals

San Antonio foreclosures surge 27% as national filings climb 18%

To continue reading this content, please enable JavaScript in your browser settings and refresh this page. Preview this article 1 min Foreclosure activity has been on ...
GitHub

powershell_fileless_script_contains_base64_encoded_content.yml

description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...