AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
GameSpot

Marathon South Maintenance Terminal Location: Where To Download Data

Marathon has plenty of contracts for you to tackle, and one of them will task you with finding where to download data from ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that evade standard code review.
Quad-City Times

Sectional semifinals next up for Moline

A regional championship victory over a rival set up the Moline High School soccer team for another familiar foe in the next step along the state series trail.
The Roanoke Times

New River Foundry shuts down

Intermet Corp. will close the New River Foundry, its remaining operation in Radford, today and lay off its last 76 workers. The company closed the neighboring Radford Foundry in 2003.