New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

NGate Alert: This New Android Malware is Emptying Bank Accounts via NFC

Cybersecurity researchers have found out the known Android malware, NGate, is now abusing a legitimate payment app via NFC.
The Hacker News

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

NGate abuses HandyPay in Brazil since Nov 2025, stealing NFC data and PINs to enable ATM fraud and unauthorized payments.

NGate malware variant uses HandyPay NFC app to steal card data

A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version ...

Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and ...

The hidden risks of vibe coding: 4 steps to protect your organization

You can’t be sure where that AI-generated code came from or what malware it might contain. These 4 steps help mitigate ...