Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks

The Chinese are not the only ones exploiting React2Shell, a maximum-severity vulnerability that was recently discovered in ...
SecurityWeek

React2Shell Attacks Linked to North Korean Hackers

Attacks exploiting the recently emerged React vulnerability dubbed React2Shell appear to have been conducted by North Korean threat actors ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...
NBC News

Norovirus is spreading earlier again this year, wastewater data shows

A nasty, highly contagious virus is spreading across the country ahead of the holiday season — and it’s not the flu or Covid. Norovirus, also called the “winter vomiting disease,” has been rising ...
National Geographic news

This virus infects almost everyone—and it may lead to lupus

Nearly all adults carry Epstein–Barr virus—but new research reveals how it can hijack immune cells, sparking a chronic disease that attacks the body from within. This colorized transmission electron ...
GitHub

[Announcement] External JavaScript runtime now required for full YouTube support

Note that only deno is enabled by default; all others are disabled by default for security reasons. See the EJS wiki page for more details. In addition to the JavaScript runtime, yt-dlp also requires ...
Futurism

Malware Is Now Using AI to Rewrite Its Own Code to Avoid Detection

Researchers at Google’s Threat Intelligence Group (GTIG) have discovered that hackers are creating malware that can harness the power of large language models (LLMs) to rewrite itself on the fly. An ...
The Hacker News

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its ...
bitnewsbot

Stealit Malware Abuses Node.js SEA to Spread Ransomware

Cybersecurity researchers revealed an active malware campaign called Stealit that exploits Node.js’ Single Executable Application (SEA) feature for distributing malicious payloads. The campaign uses ...
Fox News

New virus strain spikes in 9 US states with symptoms from brain fog to persistent cough

As COVID-19 continues to evolve, a new strain is spiking case numbers worldwide. The XFG variant, also known as Stratus, has been gaining momentum after first being detected in Southeast Asia in ...
HHS

Stop Malware at Build Time, Not Runtime

Supply chain attacks are escalating across open-source ecosystems, such as Node.js, Python and Java. Many originate from either malware injection or unpatched vulnerabilities, which expose enterprises ...