The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Cybernews

Venom Stealer touts fully automated malware pipeline for $250 a month, bypasses browser encryption

Venom Stealer is a new malware-as-a-service tool using ClickFix scams to steal credentials, hijack sessions and automate ...
Cybernews

The “three-finger” method won’t help detect a deepfake: here’s what will

Social media videos claim that asking a person to hold up three fingers in front of their face during an online call helps to tell if they are a deepfake. Experts say the method is no longer foolproof ...

Modulate Launches Velma Deepfake Detect: A Paradigm Shift in the Economics of Fraud Prevention

New Velma API from Modulate delivers best-in-class precision at over 100x lower cost, enabling full-call deepfake ...