ThreatsDay roundup covering stealthy attacks, phishing trends, exploit chains, and rising security risks across the threat landscape.

Everything you may have missed from the past week.

Polyfill supply chain attack that hit more than 100,000 websites has now been linked to North Korean threat actors.

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

A malicious npm package disguised as a legitimate AI tool to install the virally popular OpenClaw, but designed to steal system passwords and crypto wallets, ...

GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a persistent RAT.

Searches your computer for addons, then repacks them and copies them to the right place for Minecraft to use them. (It assumes you are using mcpelauncher to play ...

Install a bootable Linux partition to your hard drive without a USB stick or manual BIOS configuration. ⚠️ WARNING: THIS SOFTWARE IS IN ALPHA AND IS NOT RECOMMENDED FOR USE ON YOUR MAIN/CRITICAL PC.

Abstract: With the increasing popularity of the web, some new web technologies emerged and introduced dynamics to web applications, in comparison to HTML, as a static programming language. JavaScript ...