AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Cascade of A.I. Fakes About War With Iran Causes Chaos Online

“The use of A.I. images of places in the Gulf — being burnt or damaged — becomes more important in Iran’s playbook,” Mr.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.
LinuxInsider

How to Harden Firefox for Better Security on Linux

This guide shows how to install the latest Firefox build on Linux and adjust key settings to reduce tracking, limit telemetry, and strengthen browser security.