SecurityWeek

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.
The Caledonian-Record

Hiab Appoints Custom Truck One Source as New Dealer to Secure Strategic Growth in the Western and Northeastern U.S.

Hiab (Nasdaq Helsinki: HIAB), a leading provider of smart and sustainable on-road load handling solutions, has signed a strategic dealer agreement with Custom Truck One Source, Inc. (NYSE: CTOS), ...
The Hacker News

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

North Korean IT operatives use stolen LinkedIn accounts, fake hiring flows, and malware to secure remote jobs, steal data, and fund state programs.
SecurityWeek

Critical React Native Vulnerability Exploited in the Wild

Threat actors are exploiting the Metro4Shell React Native vulnerability to deploy malware on Linux and Windows systems.

Critical React Native Metro dev server bug under attack as researchers scream into the void

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...
The Hacker News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery ...
Capitol Hill Seattle

911 | Monday school lockdowns, Super Bowl 911, and six busted in Capitol Hill Safeway ‘retail theft operation’

See something others should know about? Email CHS or call/txt (206) 399-5959. You can view recent CHS 911 coverage here. Hear sirens and wondering what’s going on? Check out reports ...