The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Microsoft

New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

September 25, 2025 update: Microsoft Threat Intelligence has identified yet another XCSSET variant in the wild that introduces further updates and new modules: XCSSET evolves again: Analyzing the ...
GitHub

HTML to PDF or image (jpeg, png, webp) converter via Chrome/Chromium.

This library is NOT meant to accept untrusted user input. Doing so may have serious security risks such as Server-Side Request Forgery (SSRF). Note: It is strongly recommended that you keep Chrome ...
Nature

StackZDPD: a novel encoding scheme for mass spectrometry data optimized for speed and compression ratio

As the pervasive, standardized format for interchange and deposition of raw mass spectrometry (MS) proteomics and metabolomics data, text-based mzML is inefficiently utilized on various analysis ...
GitHub

powershell_fileless_script_contains_base64_encoded_content.yml

description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...