The Hacker News

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

Tsundere botnet spreads via MSI and PowerShell installers, using Ethereum-based C2 rotation and game-themed lures to target ...
ZDNet

Hacker backdoors popular JavaScript library to steal Bitcoin funds

A hacker has gained (legitimate) access to a popular JavaScript library and has injected malicious code that steals Bitcoin and Bitcoin Cash funds stored inside BitPay's Copay wallet apps. The ...

Google patches worrying Chrome zero-day flaw being exploited in the wild - here's how to stay safe

The vulnerability is now tracked as CVE-2025-13223 and has a severity score of 8.8/10 (high). "Type Confusion in V8 in Google ...
CSOonline

Hacker adds malicious bitcoin-stealing code to popular JavaScript library

Tired of maintaining code that was written to be freely distributed, an “unrepentant module giver awayer” (aka developer) handed it over after GitHub dev “right9control” volunteered to take over the ...
Bleeping Computer

Compromised JavaScript Package Caught Stealing npm Credentials

A hacker has gained access to a developer's npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the ...
PCMag on MSN

Patch Now: Google Warns of 'High Severity' Bug Targeting Chrome

A 'type confusion' flaw in Chrome's V8 JavaScript engine can enable a hacker to corrupt the software's memory and execute malicious computer code.
ZDNet

Missouri will not prosecute 'hacker' reporter for daring to view state website HTML

The State of Missouri will not prosecute a journalist branded a "hacker" for viewing website source code and reporting a serious security leak. In October 2021, St. Louis Post-Dispatch reporter Josh ...
The Hacker News

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

Huntress finds three GootLoader infections since Oct 27, 2025; two led to domain controller compromise within 17 hours.