The Hacker News

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via C2 server.

Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication.

Hacker mass-mails HungerRush extortion emails to restaurant patrons

Customers of restaurants using the HungerRush point-of-sale (POS) platform say they received emails from a threat actor attempting to extort the company, warning that restaurant and customer data ...
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...
Infosecurity Magazine

Zero-Click FreeScout Bug Enables Remote Code Execution

Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction ...
Cars

News & videos

Browse up-to-the-minute automotive news and analysis, including expert reviews of the latest cars on the market, at Cars.com.
Pew Research Center

In 25-Country Survey, Americans Especially Likely To View Fellow Citizens as Morally Bad

The U.S. is the only place we surveyed where more adults describe the morality and ethics of others living in the country as bad (53%) than as good (47%). Fresh data delivered Saturday mornings Thank ...
PCMag on MSN

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.