Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
GitHub

A tool to extract images from and inspect the payload.bin file from Android OTA zips.

Use linux, and have bzip2 and brotli installed. If you're on Windows, I'd greatly appreciate some help on getting this to work. I'm not even sure that it won't work since I don't have Windows! One ...