The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
Yahoo

Trump administration reportedly seeks to use HIV aid to extract minerals from Zambia

Donald Trump’s imperial administration appears intent on plundering and exploiting the African continent by any means. As the president looks around the globe for ways to acquire the world’s resources ...