The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and data-stealing malware.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
GitHub

A self-contained, portable application bundling PostgreSQL, PostGIS, and pgAdmin 4. This application allows you to run a spatial database environment without any complex ...

Use these details to connect to the database programmatically or via external tools: If you see an error saying "Portable PostGIS.app is damaged and can't be opened ...