The Hacker News

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

PyStoreRAT spreads via fake GitHub tools using small Python or JavaScript loaders to fetch HTA files and install a modular ...

Microsoft Worm Attack Warning — Act Rapidly And Change Passwords Now

Rapidly change your password, the Microsoft security team urges as Shai-Hulud Dune Worm cloud attacks continue.

North Korea lures engineers to rent identities in fake IT worker scheme

In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure ...
CSO Online

Contagious Interview attackers go ‘full stack’ to fool developers

The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a development and delivery pipeline to drop malware.
The Hacker News

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean actors deployed 197 new npm packages delivering evolved OtterCookie and GolangGhost malware through fake interview schemes.
TMCnet

Salt Security Launches GitHub Connect to Proactively Discover Shadow APIs and MCP Risks in Code Repositories

New capability for the Salt Illuminate™ platform moves discovery "From Code to Context," identifying risky MCP servers and shadow APIs before deployment. PALO ALTO, Calif., Nov. 18, 2025 /PRNewswire/ ...
abc27

Salt Security Launches GitHub Connect to Proactively Discover Shadow APIs and MCP Risks in Code

With GitHub Connect, Salt enables customers to securely connect their public and private GitHub repositories to the Salt Illuminate™ platform, extending visibility across the full API lifecycle. The ...