A newly identified cryptojacking malware known as MassJacker is attacking piracy users, hijacking their crypto transactions, and replacing stored addresses, according to cybersecurity firm CyberArk. Originating from the website pesktop[dot]com, unaware users might install the malware when attempting to download pirated software. The malware then replaces crypto addresses stored in clipboard applications with addresses controlled by the attacker. Over 700k unique wallets are linked to the theft, with stolen crypto amounting to $336,700 as of August.

Large enterprises scramble after supply-chain attack spills their secrets
Open-source software used by over 23,000 organisations was compromised by attackers who accessed a maintainer account, injecting credential-stealing code. The corrupted package, part of tj-actions,