Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
GitHub

A Portable Adversary Research Environment

Crucible is an open-source, portable adversary research environment designed for threat researchers, detection engineers, and malware analysts. It provides a reproducible, infrastructure-as-code ...