The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

How to install fonts in Windows 11 and Windows 10 (3 easy methods)

A new font can be a great way to spice up your PC projects. But you need to install them to use them. Here's how to install ...
SecurityWeek

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access

Pack2TheRoot, a high-severity vulnerability in PackageKit, allows users to install packages on Linux systems with root ...
InfoQ

npmx Reaches Alpha: Community Driven Alternative Browser for the npm Registry

Daniel Roe and over 250 contributors. It emphasizes speed and features absent in the official npmjs.com interface, such as ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...