The npm incident frightened everyone, but ended up being nothing to fret about
Security professionals and observers across the industry got swept into a pit of fear Monday when an attacker took over and injected malicious code into…
Category: Cyberscoop
Acting federal cyber chief outlines his three priorities for the next year
The U.S. government’s acting chief information security officer outlined his three priorities for federal cyber officials over the next year at a cybersecurity event in…
Critical infrastructure security tech needs to be as good as our smartphones, top NSC cyber official says
The top cyber official at the National Security Council said Tuesday that he’s dismayed by the lag in security technology embedded in critical infrastructure, saying…
Microsoft Patch Tuesday addresses 81 vulnerabilities, none actively exploited
Microsoft addressed 81 vulnerabilities affecting its enterprise products and underlying Windows systems, but none have been actively exploited, the company said in its latest security…
U.S. indicts Ukrainian national for hundreds of ransomware attacks using multiple variants
The Department of Justice unsealed an indictment against a Ukrainian national alleged to be central to a ransomware campaign affecting hundreds of companies worldwide. Volodymyr…
Former Meta security chief sues company for privacy violations, professional retaliation
Meta is being sued by its former head of security, who claims the company ignored repeated warnings that its messaging platform WhatsApp was riddled with…
National cyber director: U.S. strategy needs to shift cyber risk from Americans to its adversaries
The United States needs a “new, coordinated strategy” to counter its cyber adversaries and “shift the burden of risk in cyberspace from Americans to them,”…
Mitsubishi Electric to acquire Nozomi Networks in $1 billion deal
Industrial conglomerate Mitsubishi Electric has agreed to acquire OT and IoT cybersecurity specialist Nozomi Networks in a transaction that values the San Francisco-based firm near…
Treasury Department targets Southeast Asia scam hubs with sanctions
Federal authorities on Monday imposed sanctions on 19 people and organizations allegedly involved in major cyberscam hubs in Burma and Cambodia. “Criminal actors across Southeast…
Salesloft Drift security incident started with undetected GitHub access
Salesloft pinned the root cause of the Drift supply-chain attacks to a threat group gaining access to its GitHub account as far back as March,…
Supreme Court blocks FTC commissioner Slaughter’s reinstatement
Rebecca Slaughter’s return-to-work orders have been put on hold for the second time this year, after the U.S. Supreme Court stepped in to block a…
NYU team behind AI-powered malware dubbed ‘PromptLock’
Researchers at New York University have taken credit for creating a piece of malware found by third-party researchers that uses prompt injection to manipulate a…