The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...
GitHub

feat: achieve 100% CIS v6.0.1 + NIST 800-53 automated control coverage

Update (v0.8.1): Phase 1 quick wins shipped in PR #69-- added 5.1.2.4, 1.1.2, 5.1.8.1, 7.2.8, 7.3.3, 7.3.4. Only Power BI (Phase 2) and 3 infeasible controls remain. All 11 require the ...
TWCN Tech News

Your Intel Optane memory module is starting to degrade

Windows shows the “Your Intel Optane memory module is starting to degrade” notification when an internal hardware failure is detected on the Intel Optane memory module. Since Intel discontinued the ...
GitHub

windows_iis_components_add_new_module.yml

description: The following analytic detects the execution of AppCmd.exe to install a new module in IIS. This detection leverages data from Endpoint Detection and Response (EDR) agents, focusing on ...