Bleeping Computer

Malicious NuGet packages abuse MSBuild to install malware

A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily. NuGet is an open-source package manager and ...
CSO Online

Typo hackers sneak cross-platform credential stealer into 10 npm packages

The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
Bleeping Computer

Malicious CSV text files used to install BazarBackdoor malware

A new phishing campaign is using specially crafted CSV text files to infect users' devices with the BazarBackdoor malware. A comma-separated values (CSV) file is a text file containing lines of text ...
SlashGear

Why You Need To Be Careful About Installing APK Files On Android Phones

Android makes it ridiculously convenient to get new apps; you only need to head to the Play Store, look up the app, and tap install. However, you cannot find every app on the official Google store ...