Author: admin

A threat actor published three malicious versions of the popular NPM package ‘rand-user-agent’ to deploy and activate a remote access trojan (RAT) on users’ systems. A Node.js package that has been deprecated, rand-user-agent generates randomized user-agent strings based on occurrence. It was originally built as a functionality tool for Romanian software development firm WebScrapingAPI, but can be integrated into any node.js project for web scraping. The package still has over 40,000 weekly downloads, but hasn’t been updated for over seven months, and a threat actor took advantage of this to push versions injected with malicious code. While the project’s GitHub…

Juice, a UK-based FinTech platform focused on alternative lending for digital entrepreneurs, has secured £25m in new funding to accelerate its mission of unlocking capital for underserved SMEs.The round includes investments from family offices Aern Capital and Falco Capital, along with a committed credit facility provided by Paragon Bank. The fresh capital will help Juice expand its reach across the UK’s vast small business sector, which continues to face steep financing barriers.Launched in 2019, Juice offers a data-driven approach to SME lending. Its platform combines real-time financial insights, predictive analytics, and adaptable credit lines to deliver timely, non-dilutive funding without…

Glide, an embedded FinTech platform focused on transforming the digital capabilities of traditional financial institutions, has raised $15m in a Series A funding round.The round was led by Acrew Capital and joined by Pear VC, Pathlight Capital, and several prominent angel investors. Notable participants included Claire Hughes Johnson, former COO of Stripe; Paul Williamson, former CRO of Plaid; and Arash Ferdowsi, co-founder of Dropbox.Glide provides a unified digital experience platform for community banks and credit unions, replacing the fragmented legacy systems many still rely on. By offering a modern infrastructure layer, Glide enables these institutions to deliver banking experiences on…

Autobooks, a FinTech company based in Detroit, provides integrated payment, invoicing, and accounting tools tailored for small and medium-sized businesses (SMBs).The company has secured a $40m senior secured term loan from Runway Growth Capital, a prominent provider of growth loans to venture and non-venture-backed firms. The investment will enable Autobooks to advance its platform capabilities and support its broader strategic goals.Founded in 2015, Autobooks offers a suite of embedded financial services directly within the digital platforms of banks and credit unions. These services include invoicing, payment acceptance—including Tap to Pay on iPhone—and accounting tools, allowing small business owners to manage…

Canada-based vertical market software (VMS) firm Valsoft Corporation (dba AllTrust) is notifying over 160,000 people that their personal information was compromised in a data breach. The incident, discovered on February 14, involved unauthorized access to a non-production network of AllTrust subsidiary Aspire USA. “Aspire’s internal security team identified an in-progress file transfer which they were able to interrupt mid-transfer,” the company says in a notification letter to the impacted individuals, a copy of which was submitted to the Maine Attorney General’s Office. The attackers, the company says, had access to Aspire’s network between February 12 and February 15, and stole…

NEW YORK (AP) — President Donald Trump’s tariffs crusade has taken aim at a number of foreign goods, from European wines and car parts from Mexico to films made abroad. Lately, the president’s wandering ire has found another rhetorical poster child: toy dolls. Trump asserted that children will be fine having two dolls — perhaps three or five — instead of 30 if U.S. import taxes increase consumer prices. The response on social media included memes of him portrayed as the Grinch and photos of a young Barron Trump’s child-sized Mercedes convertible. “COMPLETELY out of touch,” The Loyal Subjects CEO…

Reentering the scene: Donald Trump Jr., who owned a small share of his father’s D.C. hotel, comes back to Washington with a new plan.Photo by BRENDAN SMIALOWSKI/AFP via Getty Images News that Donald Trump Jr. and a team of investors are launching an invite-only club named Executive Branch has Washington buzzing about who might join. The first person to sign up was David Sacks, the president’s crypto and artificial-intelligence czar, who opted for a $500,000 top-tier membership. “It’s very simple,” Sacks said on the “All-In” podcast last week. “We want a place to hang out in D.C.” In the president’s…

Sindh Chief Minister Murad Ali Shah announced on Friday that Karachi would host the 35th National Games from December 6 to 13 after it was postponed from its initial dates in May. The games were set to be held from May 1-9 in Karachi but were postponed in April due to “unavoidable circumstances,” according to an official letter issued by the Sindh Olympic Association. Murad held a meeting today at CM House with a high-level delegation of the Pakistan Olympic Association (POA) to finalise preparations for the games. He welcomed the opportunity to host National Games, pledging full cooperation to…

SANTA FE, N.M. (AP) — Fashion designers from across North America are bringing inspiration from their Indigenous heritage, culture and everyday lives to three days of runway modeling starting Friday in a leading creative hub and marketplace for Indigenous art.A fashion show affiliated with the century-old Santa Fe Indian Market is collaborating this year with a counterpart from Vancouver, Canada, in a spirit of Indigenous solidarity and artistic freedom. A second, independent runway show at a rail yard district in the city has nearly doubled the bustle of models, makeup and final fittings.Three days of runway shows set to music…

Three malicious NPM packages posing as developer tools for the popular Cursor AI code editor were caught deploying a backdoor on macOS systems, vulnerability detection firm Socket reports. Cursor is a proprietary integrated development environment (IDE) that integrates AI features directly within the coding environment. It offers tiered access to LLMs, with premium language models priced per request. The packages, named sw‑cur, sw‑cur1, and aiide-cur, claim to provide cheap access to Cursor, exploiting the developers’ interest in avoiding paying the fees. All three packages were published by a threat actor using the NPM usernames gtr2018 and aiide, and have amassed over…