The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate ...

Digits Launches MCP Server, Connecting AI Tools Directly to its Real-Time, AI-Native Ledger

Digits, the world’s first AI-native accounting platform, launched the Digits MCP Server, giving accounting firms, business ...

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised ...