The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
XDA Developers on MSN

My NAS has been a backup server, Jellyfin archive, and file storage for years, and it could still do so much more

Don't waste your NAS' potential ...
CSOonline

ClickFix finds a backup plan in PySoxy proxy chains

ReliaQuest observed attackers pairing ClickFix with the PySoxy proxy tool to establish redundant encrypted access paths and persistence on compromised systems. ClickFix, a one-shot social engineering ...
GitHub

backup.log

2026-05-02 15:15:41,849 - INFO - Copied: C:\Users\CHANDANA\OneDrive\Desktop\TestData\backup.py -> C:\Backup\backup_2026-05-02_15-15-41\.\backup.py 2026-05-02 15:15:41 ...
Bleeping Computer

Microsoft confirms April Windows updates cause backup failures

Microsoft has confirmed that the April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver. As BleepinComputer reported last week, this issue ...