The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Security Boulevard

That “job brief” on Google Forms could infect your device

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.
How-To Geek on MSN

Fed up with the Spotify Linux app? This custom widget is the fix

Use Playerctl, Python, and Conky timer to create a 'now playing' Spotify desktop widget.
Security Boulevard

Fake Temu Coin airdrop uses ClickFix trick to install stealthy malware

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.
GitHub

Le Mans Ultimate Settings Widget

M$ Windows application that will let you create presets/profiles of your LMU settings. Quickly change between e.g., a performance focused VR setup, or an eye-candy favoured Replay setup. Presets will ...
GitHub

A GUI-based secure file transfer tool for Windows that allows you to effortlessly transfer files and folders to remote servers over SSH using password or key-based authentication.

Fill in your SSH connection details Click "Save Current as Profile" Enter a profile name (e.g., "Production Server") Click OK ...