New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
CNET

Tired of Your Full Inbox? Here's How to Get Back 15GB of Free Gmail Storage Now

Jason Chun is a CNET writer covering a range of topics in tech, home, wellness, finance and streaming services. He is passionate about language and technology, and has been an avid writer/reader of ...