CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks

Cybercriminals used the Glassworm botnet to infect open source software projects with malware, and in turn hack the ...
Decrypt

Google Engineer Charged Over $2.75 Million in Alleged Polymarket Insider Trading Bets

The Google employee case is the second federal prosecution tied to alleged prediction market insider trading on Polymarket.

Google engineer used confidential info to win $1.2M in Polymarket bets, feds say

A longtime Google security engineer has been accused of using confidential company data to place illicit Polymarket bets that won him $1.2 million — the latest alleged case of insider trading on a ...
The Next Web

Most data breaches start with a stolen password. Here’s how to fix that

Stolen credentials cause 80% of breaches, yet most teams still share passwords over Slack. Proton Pass for Business encrypts everything from $1.99/user/mo.
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
PCMag

Google Engineer Charged for Using Insider Info to Win $1.2M on Polymarket Bets

Michele Spagnuolo used his access to the annual Year in Search list to place huge bets on which public figures would be the most searched on Google last year.