The Hacker News

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP. The list of identified ...
The Hacker News

Funnel Builder Flaw Exploited to Enable WooCommerce Checkout Skimming

A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages ...