The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
Krebs on Security

Who is the Kimwolf Botmaster “Dort”?

Who is the Jacob that Qoft referred to as their business partner? The breach tracking service Constella Intelligence finds the password used by [email protected] was reused by just one other ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...
GitHub

A shell script to build fancy DMGs.

Create-dmg is mostly maintained by @aonez and the contributors who send pull requests. The project home page is https://github.com/create-dmg/create-dmg. We will ...
IEEE

Mapping Exploit Code on Paste Sites to the MITRE ATT&CK Framework: A Multi-label Transformer Approach

Abstract: Cyber-criminals often use information-sharing platforms such as paste sites (e.g., Pastebin) to share vast amounts of malicious text content, such as exploit source code. Careful analysis of ...
GitHub

Pasteburn is a self-hosted, anonymous pastebin that features burn-after-read and end-to-end encryption.

A online demo is available at pasteburn.onrender.com. Note that the demo is very unstable and should not be used for purposes other than demonstration. Paste something into pasteburn with a password.
Covers

Super Bowl Script: Epic Moments You're Guaranteed to Witness in Super Bowl 60

Let's clear the air before you read another word: I do not believe in the existence of an actual Super Bowl script. For the initiated, there's a theory that the NFL pre-determines not only which teams ...