The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
InfoWorld

PEP 816: How Python is getting serious about Wasm

Another big drawback: Any modules not written in pure Python can’t run in Wasm unless a Wasm-specific version of that module ...

I installed this Arch-based distro my way in under 5 minutes - so can you

Thanks to the Prism Linux installer, I curated exactly the software I wanted and achieved the holy grail of out-of-the-box ...

New Infinity Stealer malware grabs macOS data via ClickFix lures

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.
GitHub

FTP_CLIENT_DEMO.GE

72 9 84 11 4 5 ftp_activate 76 17 84 19 4 5 ftp_url 71 13 84 15 4 5 ftp_filename 72 33 84 35 4 5 ftp_timeout 120 9 130 11 4 3 ftp_done 120 17 132 19 4 3 ftp_error_c 120 21 131 23 4 3 ftp_error_t 120 ...
GitHub

PS5 Dump Runner Installer

Tired of manually uploading every update of dump_runner.elf and homebrew.js from EchoStretch to each of your game dumps located in internal, external M.2, and USB storages? This tool automates ...