The Hacker News

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...

Malicious NPM packages fetch infostealer for Windows, Linux, macOS

Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...

Dangerous npm packages are targeting developer credentials on Windows, Linux and Mac - here's what we know

Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the npm (Node Package Manager) ecosystem to install JavaScript and Node.js ...

CISA: High-severity Linux flaw now exploited by ransomware gangs

CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ...

Ransomware hackers are now running Linux encryptors in Windows to stay undetected

EDR tools aren't scanning Linux sandbox environments on Windows, giving cybercriminals a unique opportunity to work undetected.
Ars Technica

Password-stealing Linux malware served for 3 years and no one noticed

A download site surreptitiously served Linux users malware that stole passwords and other sensitive information for more than three years until it finally went quiet, researchers said on Tuesday. The ...

What is malware? Everything you need to know about malicious software and viruses, and how to protect your computer

Malware includes viruses, worms, adware, spyware, and ransomware — they all work differently but tend to cause similar ...
Infosecurity-magazine.com

DaggerFly-Linked Linux Malware Targets Network Appliances

A new malware strain, ELF/Sshdinjector.A!tr, has been linked to the DaggerFly espionage group and used in the Lunar Peek campaign to target Linux-based network appliances. Its primary function is data ...
Neowin

Chinese hackers exploit Linux with new WolfsBane malware

ESET researchers have recently discovered a new Linux backdoor, named WolfsBane, that is being used by the China-aligned Gelsemium APT group. This is the first known instance of Gelsemium using Linux ...
Ars Technica

Spyware/Malware for Linux

Ok I arguing with a guy at work who says Linux has just many viruses and spyware programs as Windows <BR>does. He also says that doubleclick is on my computer on Linux. This guy also teaches at a ...