The developers of Rspack have disclosed a supply chain attack on two of their npm packages. The attackers published malicious versions of @rspack/core and @rspack/cli to the official package registry infected with cryptocurrency mining malware. Consequently, versions 1.1.7 of these libraries have been removed, and the latest secure version is 1.1.8. Investigations into the root cause of this security compromise are ongoing.
Malicious Apps On Amazon Appstore Records Screen & Intercept OTP’s
Researchers have discovered an app on Amazon’s App Store masquerading as a harmless health tool used to calculate BMI, but it steals user data. The
