GamesRadar+

In a win for physical game collectors, Battlefield 6's PS5 disc apparently includes the entire shooter, meaning no massive extra downloads unless EA's day-one patch is ...

Battlefield Battlefield 6 review: "More refined than innovative, this FPS is on target with multiplayer even if its campaign is just a big shrug" Battlefield Battlefield 6 follows Call of Duty in ...
The Hacker News

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named ...
GitHub

[Announcement] Upcoming new requirements for YouTube downloads

Beginning very soon, you'll need to have Deno (or another supported JavaScript runtime) installed to keep YouTube downloads working as normal. Run yt-dlp with an ...
TechRadar

A terrifying, self-replicating malwaere has infected npm packages with over 2 million downloads per week - here's how to stay safe

A new supply-chain attack compromised at least 187 npm packages, targeting developer secrets across software projects Shai-Hulud worm looks to steal credentials, modify packages, and spread malware ...
Infosecurity-magazine.com

Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

A new AI-native penetration testing tool called Villager has reached nearly 11,000 downloads on the Python Package Index (PyPI) just two months after release. The framework, developed by the ...
TechRadar

A mysterious Chinese AI pentesting tool has appeared online, with over 10,000 downloads so far

Villager is an AI-native pentest tool with ~10,000 downloads, likely including threat actors It automates attacks using Kali Linux and DeepSeek AI, raising dual-use concerns Cyberspike, its creator, ...
TechRepublic

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week Your email has been sent An attack targeting the Node.js ecosystem was just identified ...
ZDNet

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A phishing email was at the heart of the attack. NPM team quickly removed backdoored versions. 18 packages hit, with 2B+ downloads every week. A new digital supply chain attack has targeted popular ...
Ars Technica

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to be the world’s biggest supply-chain attack ever. “Sorry everyone, I should ...
CSOonline

Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep flaws in the open-source trust model. A massive supply chain attack ...
SiliconANGLE

Massive npm hack poisons 18 packages with billions of downloads

Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after attackers injected malware into 18 popular packages that together account for ...