New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations.
9to5Mac

iOS 26.4 beta adds support for testing end-to-end encrypted RCS messaging

Apple added RCS support to iPhone with iOS 18.1, enabling richer cross-platform messaging between iPhone and Android users. This included things like typing indicators, read receipts, and ...
Nanowerk

Crypto beads use DNA and light to hide and reveal secret messages

DNA strands on tiny beads hide and reveal encrypted messages through programmable fluorescence patterns read by flow cytometry.