JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Unsurprisingly to many of us, app stores for smart televisions are also trash. Perhaps even more full of trash than other app stores due to the smaller ecosystem and fewer reviewers. Spur analyzed ...
ENVIRONMENT: An Investment company is seeking a Mid-level Software Developer to join their team in Durbanville, Cape Town. The Mid-level Software Developer is responsible for designing, building, and ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
A threat actor has been exploiting CVE-2026-48558, a critical SimpleHelp vulnerability, to drop TaskWeaver and Djinn Stealer ...
Microsoft reports an active cyber campaign targeting hotels in Europe and Asia using fake photo ZIPs, PowerShell malware, and Node.js implants with evolving evasion tactics. magnific.com Microsoft ...
Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...
The next major release of Deno, a JavaScript/TypeScript runtime, will include new commands to build cross-platform desktop ...
ENVIRONMENT: A growing South African ICT solutions business, specialising in technology services for the Retail and Healthcare sectors, is seeking a Senior Backend Software Developer to join its ...
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. The security issue is tracked as CVE-2026-26956 and ...