Scientists found that reduced ATP signaling in the hippocampus can trigger both depression and anxiety in mice.
Lower ATP levels and a drop in connexin 43 expression appeared to make stressed animals more vulnerable. Manipulating this protein alone was enough to produce mood-related symptoms, while restoring it reversed them.
ATP Signaling and Mood Disorders.
That’s not all. Since the attack plays out via the web browser, it’s also a cross-platform threat. This essentially turns any browser application on any platform that subscribes to the malicious notifications to be enlisted to the pool of clients, giving adversaries a persistent communication channel.
Matrix Push C2 is offered as a malware-as-a-service (MaaS) kit to other threat actors. It’s sold directly through crimeware channels, typically via Telegram and cybercrime forums, under a tiered subscription model: about $150 for one month, $405 for three months, $765 for six months, and $1,500 for a full year.
“Payments are accepted in cryptocurrency, and buyers communicate directly with the operator for access,” Dr. Darren Williams, founder and CEO of BlackFog, told The Hacker News. “Matrix Push was first observed at the beginning of October and has been active since then. There’s no evidence of older versions, earlier branding, or long-standing infrastructure. Everything indicates this is a newly launched kit.”
Multiple security vendors are sounding the alarm about a second wave of attacks targeting the npm registry in a manner that’s reminiscent of the Shai-Hulud attack.
The new supply chain campaign, dubbed Sha1-Hulud, has compromised hundreds of npm packages, according to reports from Aikido, HelixGuard, JFrog, Koi Security, ReversingLabs, SafeDep, Socket, Step Security, and Wiz. The trojanized npm packages were uploaded to npm between November 21 and 23, 2025. The attack has impacted popular packages from Zapier, ENS Domains, PostHog, and Postman, among others.
“The campaign introduces a new variant that executes malicious code during the preinstall phase, significantly increasing potential exposure in build and runtime environments,” Wiz researchers Hila Ramati, Merav Bar, Gal Benmocha, and Gili Tikochinski said.
Once installed, the malware is designed to launch a core module that’s responsible for loading other plugins embedded in the shellcode into memory. It also comes fitted with a variety of anti-detection and persistence techniques. The activity has not been attributed to any known threat actor or group.
“After the proof-of-concept (PoC) exploit code for the vulnerability was publicly released, attackers quickly weaponized it to distribute ShadowPad malware via WSUS servers,” AhnLab said. “This vulnerability is critical because it allows remote code execution with system-level permission, significantly increasing the potential impact.”
Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
Microsoft has warned IT administrators to prepare for the removal of Windows Internet Name Service (WINS) from Windows Server releases starting in November 2034.
The legacy WINS computer name registration and resolution service has been deprecated with the release of Windows Server 2022 in August 2021, when Microsoft stopped active development and working on new features.
Windows Server 2025 will be the final Long-Term Servicing Channel release to come with WINS support, with the feature to be removed from future releases.
A Russian-linked campaign delivers the StealC V2 information stealer malware through malicious Blender files uploaded to 3D model marketplaces like CGTrader.
Blender is a powerful open-source 3D creation suite that can execute Python scripts for automation, custom user interface panels, add-ons, rendering processes, rigging tools, and pipeline integration.
If the Auto Run feature is enabled, when a user opens a character rig, a Python script can automatically load the facial controls and custom UI panels with the required buttons and sliders.