Security News This Week: Moltbook, the Social Network for AI Agents, Exposed Real Humans’ Data

Plus: Apple’s Lockdown mode keeps the FBI out of a reporter’s phone, Elon Musk’s Starlink cuts off Russian forces, and more.

Popular open-source coding application targeted in Chinese-linked supply-chain attack

By AJ Vicens Feb 2 (Reuters) - A Chinese-linked cyberespionage group with a long history hijacked the update process for the popular code editing platform Notepad++ to deliver a custom backdoor and ...

Critical React Native Metro dev server bug under attack as researchers scream into the void

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux ...
GitHub

High performance (de)compression in an 8kB package

fflate (short for fast flate) is the fastest, smallest, and most versatile pure JavaScript compression and decompression library in existence, handily beating pako, tiny-inflate, and UZIP.js in ...

Notepad++ says it was hijacked by Chinese state-sponsored hackers

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to ...
SecurityWeek

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.
SecurityWeek

Notepad++ Supply Chain Hack Conducted by China via Hosting Provider

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...