NPM ecosystem at risk from “Manifest Confusion” attacks
The NPM (Node Package Manager) registry suffers from a security lapse called “manifest confusion,” which undermines the trustworthiness of packages and makes it possible for…
Month: June 2023
European Dismantle of EncroChat for seizure of $979 Million Funds
More than 6,500 people were arrested as a result of the takedown of the encrypted phone service platform Encrochat, and 900 million euros ($980 million)…
Most Enterprise SIEMs Fail Against MITRE ATT&CK
SIEM (Security Incident and Event Management) tools are being used in most organizations for monitoring, analyzing, and preventing threat actors. Organizations are trying to build…
8Base ransomware group leaks data of 67 victim organizations
Lockbit 3.0 is currently the most active ransomware group, NCC Group says in its most recent Threat Pulse report, but new ransomware groups like 8Base…
Scottish government tech accelerator opens latest funding round
The Scottish government’s technology startup accelerator has launched a new set of “challenges”, opening up around $10m worth of contract opportunities to any enterprise able…
Invary Raises $1.85 Million in Pre-Seed Funding for Runtime Integrity Solution
Operating system runtime validation and security firm Invary today announced it has raised $1.85 million in a pre-seed funding round led by Flyover Capital. The…
Critical SQL Injection flaws in Gentoo Soko can lead to RCESecurity Affairs
SQL injection vulnerabilities in Gentoo Soko could lead to remote code execution (RCE) on impacted systems. SonarSource researchers discovered two SQL injection vulnerabilities in Gentoo…
8Base ransomware gang escalates double extortion attacks in June
A 8Base ransomware gang is targeting organizations worldwide in double-extortion attacks, with a steady stream of new victims since the beginning of June. The ransomware…
Newly Surfaced ThirdEye Infostealer Targeting Windows Devices
While the ThirdEye infostealer is now in town, researchers have already identified several of its variants, all aiming at victims’ data. FortiGuard Labs uncovered a…
GDPR tax reclaim scheme preys on fears of SMEs
Small businesses have been warned to avoid companies offering them a way to claim tax refunds through a fake scheme linked to money they set…
Fibaro Motion Sensor Vulnerability Allows Threat Actors To Launch DDoS Attacks
A vulnerability in a popular motion sensor system has recently caught the attention of cybersecurity experts. Designated as CVE-2023-34597, this vulnerability affects the Fibaro Motion…
Sensitive Information Stolen in LetMeSpy Stalkerware Hack
Radeal, the Polish developer of Android stalkerware ‘LetMeSpy’, is informing users that their personal information and collected data was stolen as a result of a…