New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
The Hacker News

⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.
PCMag on MSN

I ditched password generators and made a better one in Excel. Here's how

Because many password generators aren't as random as they seem, I built an improved one in Excel—and I'll show you exactly ...

Man gets 30 months for selling thousands of hacked DraftKings accounts

Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked ...
Mashable

You can now use a dick pic as a password. Why, god? Why.

The biggest stories of the day delivered to your inbox.