The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
CSO Online

TrapDoor malware campaign puts developer workstations in CISO spotlight

Malicious packages across npm, PyPI, and Crates.io show how poisoned developer workflows can become a route into enterprise systems.

Truck dealers say they can’t import new models until Ottawa fixes paperwork

Canadian heavy-duty truck dealers are warning the economy is at risk of coming under further strain, because they won’t be ...

South Florida kitchen, bath supplier files Chapter 11 with $8 million in debts

A South Florida kitchen and bath supplier with six showrooms filed for bankruptcy reorganization while citing mounting debt, ...

Florida bans sloth imports after 55 deaths at Sloth World warehouse

Florida wildlife officials banned sloth imports after 55 sloths died at Sloth World, prompting a criminal investigation.
Crowdfund Insider

Malware : New ‘TrapDoor’ Supply Chain Attack Reportedly Targets Blockchain and Crypto Devs Across Multiple Ecosystems

The malware employs ecosystem-specific techniques for execution. On npm, many packages use post-install hooks to deploy a comprehensive JavaScript payload ...

Bank of New York Mellon Corp. is changing its ticker symbol

"As we continue reimagining ourselves as a financial services platforms company for the future, changing our ticker ... reflects who we are today and where we're headed." ...

MLB power rankings: Untouchable Guardians roar to top of AL Central

After last year's stunning AL Central comeback, the Guardians look like the class of the division.

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...

China oil import cut, higher U.S. exports wrongfoot market bulls

As prices for ‌physical crude oil hit all-time highs of over US$160 per barrel last month, analysts and traders alike rushed ...
CoinJournal

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.
The Caledonian-Record

Ukraine ally Britain eases sanctions on Russian oil as fuel prices surge over Iran conflict

The U.K. government has quietly eased some sanctions on Russian oil to help Britons cope with rising costs. A new trade license allows the import of Russian oil refined into ...