The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The New York Times

Book Review

What’s a publisher to do when a novel hews close to the news cycle? By Elizabeth A. Harris A new book by Shelley Puhak dismantles the legend of Hungary’s infamous “blood countess,” separating fact ...