Hackaday

Reverse-Engineering The Holy Stone H120D Drone

There are plenty of drones (and other gadgets) you can buy online that use proprietary control protocols. Of course, ...
The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
Hackaday

Battery Tester Outperforms Cheaper Options

Batteries are notoriously difficult pieces of technology to deal with reliably. They often need specific temperatures, charge ...
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
GitHub

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw!

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw! - DerekPascarella/DreamMovie-UNLOCKED ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
MUO on MSN

I installed Linux on my Pixel and turned it into a pocket workstation

This shouldn’t work—but it absolutely does.
腾讯网

Claude Code 泄露同一天,Axios 惨遭史上最大投毒,朝鲜出品

朝鲜这个国家,在大多数人的认知里应该是相当封闭落后的。但他们的网络攻击能力,一直被严重低估。从 2014 年的索尼影业攻击,到 2017 年的 WannaCry 勒索病毒,再到这次对 npm 生态的精准打击,朝鲜黑客的技术水平和作战纪律一点也不「落后 ...