Microsoft Worm Attack Warning — Act Rapidly And Change Passwords Now

Rapidly change your password, the Microsoft security team urges as Shai-Hulud Dune Worm cloud attacks continue.
The Register on MSN

Shai-Hulud worm returns, belches secrets to 25K GitHub repos

Trojanized npm packages spread new variant that executes in pre-install phase, hitting thousands within days A self-propagating malware targeting node package managers (npm) is back for a second round ...

Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms.
The Hacker News

Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

Water Saci and RelayNFC drive advanced Brazil-targeted attacks using WhatsApp worm tactics and real-time NFC payment theft.

Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM ...