Infosecurity Magazine

npm Package Uses QR Code Steganography to Steal Credentials

A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a ...

'Haven for predators': Two NC families sue Roblox & Discord, alleging sexual exploitation

A Wake County teen and a Cumberland County child are the latest in a growing number of people to sue apps Roblox and Discord alleging the platforms are a "haven for adult sexual predators and ...
The Hacker News

iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks

Stripe iframe skimmer hit 49 merchants in Aug 2024, bypassing CSP to steal cards, driving PCI DSS 4.0.1 updates.
CSO Online

Macs go phishing as GitHub impostors drop Atomic stealer

OS users are being tricked in the ongoing campaign with fake GitHub pages that deliver the Atomic infostealer.