TechJuice

Hackers Exploit npm Supply Chain to Gain AWS Admin Access

Hackers exploited a compromised npm package to breach cloud systems and gain full AWS administrator access within 72 hours.
Amazon S3 on MSN

Testing secret Roblox admin commands and it went totally wrong

Poke tests dangerous admin commands that quickly spiral out of control.
CSO Online

Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials

Unauthenticated password reset vulnerability in widely deployed enterprise switching hardware carries a near-maximum severity score.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
The Hacker News

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...
Rock Paper Shotgun

Thanks for injecting me with 500 cursed Black Knight Ultra Greatswords

Unfortunately, as I discovered, hackers can force invalid items directly into your inventory. "Item injection is an ancient script," Boblord says. "You can basically just pick what item you want them ...
The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
Que.com on MSN

Microsoft Teams hackers trick employees into granting remote access

Cybercriminals are increasingly targeting the place where modern work happens every day: Microsoft Teams. Rather than relying on noisy malware ...