Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit
More than 180 NPM packages were hit in a fresh supply chain attack that uses self-replicating malware to steal secrets, publish them on GitHub, and…
More than 180 NPM packages were hit in a fresh supply chain attack that uses self-replicating malware to steal secrets, publish them on GitHub, and…
A large-scale supply chain attack dubbed “Shai-Halud” that infiltrated the JavaScript ecosystem via the npm registry. In total, 477 packages, including packages from CrowdStrike, were…
Conor Brian Fitzpatrick, the founder and operator of BreachForums, has been resentenced to three more years in prison after a federal appeals court vacated his…
The notorious Scattered Spider hacking collective behind cyber attacks on Marks & Spencer and others is likely leaning on the expertise of other cyber criminals…
Microsoft and Cloudflare announced on Tuesday that they have teamed up to disrupt the RaccoonO365 phishing service, which has been used by cybercriminals to steal…
The real-world risk – “loss of control over knowledge and capabilities of nuclear, biological, chemical and missile weapons” – was put forward in an AI…
A threat actor who gained initial access through a SonicWall VPN device was able to escalate their attack by finding Huntress recovery codes saved in…
The developers behind the PureHVNC remote access trojan (RAT) have been uncovered using GitHub repositories to host critical components and plugin source code for their…
A denial-of-service flaw in the Linux kernel’s KSMBD (SMB Direct) subsystem has raised alarms across the open-source community. Tracked as CVE-2025-38501, the issue allows a…
A sophisticated Python-based information stealer named XillenStealer has emerged as a significant threat to Windows users, designed to harvest sensitive system data, browser credentials, and…
American First Finance, LLC, a Dallas-based financial services firm, suffered a significant insider breach when a recently terminated employee exploited unauthorized access to its production…
The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI…