The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Another npm supply chain worm is tearing through dev environments

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
Dark Reading

Africa Relinquishes Cyberattack Lead to Latin America — For Now

The number of cyberattacks targeting Africa declined in the past year, with weekly attacks down 22%, as attackers shifted ...

Uganda's Python Cave reveals how a Marburg virus outbreak could begin

Marburg virus disease (MVD) is a severe and often fatal hemorrhagic disease in humans caused by the Marburg virus. It is ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Nature

‘Bat feast’ animal videos at African cave offer clues to how deadly viruses spread

Researchers filmed 10 species eating or scavenging bats at known Marburg-virus hotspot — and caught hundreds of humans ...
IFLScience on MSN

A virologist’s nightmare: People and predators keep going into a cave full of bats with Marburg virus

As if its name didn’t warn you enough, there are many good reasons to avoid Python Cave in Uganda. Chief among them is that ...