MongoDB warns admins to patch severe RCE flaw immediately

MongoDB has warned IT admins to immediately patch a high-severity vulnerability that can be exploited in remote code ...

Malware bypassed macOS Gatekeeper by abusing Apple's notarization proccess

A new variant of the MacSync Stealer uses a code-signed Swift application to get around Apple's macOS Gatekeeper protections.
CSO Online

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing messages and maintaining persistence.