[THN] OtterCookie Malware Variant, PyPI Domain Risk and NetSupport RAT Attacks

THN Daily Updates [Free Webinar] WormGPT, FraudGPT, SpamGPT -- Inside the New Phishing Machine AI is rewriting phishing at scale. See how tools like WormGPT and FraudGPT work -- and how to stop them before users are hit. Download Now Sponsored LATEST NEWS Nov 29, 2025 Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack. Soft... Read More North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry with 197 more malicious packages since last month. According to Socket, these packages have been downloade... Read More 3 steps to control IT costs globally Cut IT costs and enforce global standards with Deel's free policy template. Reduce waste, stay compliant, and build scalable infrastructure. Read More Why Organizations Are Turning to RPAM As IT environments become increasingly distributed and organizations adopt hybrid and remote work at scale, traditional perimeter-based security models and on-premises Privileged Access Management (PAM) solutions no lon... Read More Smarter Access, Better Protected Data, Faster Audits: Enhancing Your Insider Threat Defense Real-time masking, agentless access, and full-motion monitoring enhance insider threat defense and audit readiness without IT overhead. Read More MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants Cybersecurity researchers have shed light on a cross-tenant blind spot that allows attackers to bypass Microsoft Defender for Office 365 protections via the guest access feature in Teams. "When users operate as guests i... Read More Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of delivering NetSupport RAT. As of October 2025, the activity has... Read More Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update Microsoft has announced plans to improve the security of Entra ID authentication by blocking unauthorized script injection attacks starting a year from now. The update to its Content Security Policy (CSP) aims to enhanc... Read More [Free Webinar] WormGPT, FraudGPT, SpamGPT -- Inside the New Phishing Machine AI is rewriting phishing at scale. See how tools like WormGPT and FraudGPT work -- and how to stop them before users are hit. Download Now Sponsored This email was sent to edwardlorilla1998.tower@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi