CrowdStrike Among Those Hit In NPM Attack Campaign
More than 20 CrowdStrike NPM packages were among nearly 200 NPM packages hit by a sophisticated supply chain attack. The compromised packages were quickly removed…
Category: DarkReading
Black Hat USA 2025 CISO Podcast Series: Episode 7 Out Now
At Black Hat USA 2025, The Cyber Express, in collaboration with Suraksha Catalyst, released Episode 7 of its CISO Podcast Series, focusing on a theme…
New Infostealer Campaign Targets Popular Games
Cyble threat intelligence researchers have uncovered an infostealer campaign that spreads the Maranhão Stealer through social engineering websites claiming to offer pirated software, cracked game…
China Enforces 1-Hour Cybersecurity Incident Reporting
China is ramping up its cybersecurity enforcement with new regulations requiring network operators to report severe cybersecurity incidents within one hour. The rules, announced by…
CVE-2025-58434: FlowiseAI Vulnerability Exposes Accounts
A severe security vulnerability has been discovered in FlowiseAI, an open-source AI workflow automation tool, exposing users to the risk of complete account compromise. Tracked…
CISA Adds DELMIA Manufacturing Software Vulnerability To KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a manufacturing operations management software vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, a rare…
ASEAN Cybercrime Threat Sparks 10-Year Regional Action Plan
Cybercrime and online scams have officially overtaken traditional threats as the primary regional security concern for the Association of Southeast Asian Nations (ASEAN). This ASEAN…
FTC Probes AI Chatbots Designed As “Companions” For Children’s Safety
The U.S. Federal Trade Commission has opened a formal inquiry into AI chatbots that act like companions—designed to mimic emotions, build trust, and engage like…
Student Insider Threats Driving Surge In UK School Data Breaches
Over half of insider cyber incidents in UK schools are being caused by students—a trend raising alarms across education, regulation, and cybersecurity communities. The Information…
Massive NPM Supply Chain Attack Earned Attackers Only $600
A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who engineered the compromise. That’s the…
SAP Patches Critical CVE-2025-42944 In NetWeaver
SAP has released a new security update addressing a broad range of vulnerabilities across its product ecosystem. Among the most alarming is a critical vulnerability…
FTC Urged To Investigate Microsoft On Outdated RC4 Encryption And Kerberoasting Flaws
A fresh firestorm has erupted over Microsoft’s handling of cybersecurity risks, with U.S. Senator Ron Wyden (D-OR) calling on the Federal Trade Commission (FTC) to…