Dozens of malicious packages on NPM collect host and network data
60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled…
Latest Cybersecurity News — Page 1902
View all →
Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets
A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt DNS infrastructure, manipulate Non-Human Identity (NHI) secrets, and ultimately bypass…
Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers
In a major international operation coordinated by Europol and Eurojust, law enforcement agencies and private sector partners have successfully dismantled the DanaBot malware network. This…
Lumma Stealer down for the count
The bustling cybercrime enterprise has been dealt a significant blow in a global operation that relied on the expertise of ESET and other technology companies…
Researchers Uncover Infrastructure and TTPs Behind ALCATRAZ Malware
Elastic Security Labs has recently exposed a sophisticated new malware family dubbed DOUBLELOADER, observed in conjunction with the RHADAMANTHYS infostealer. This discovery sheds light on…
Commvault M365 Threat Could Be Part Of Broader SaaS Campaign
Nation-state threat actors targeting Commvault applications hosted in Microsoft Azure may be part of a broader campaign targeting Software-as-a-Service (SaaS) applications, the U.S. Cybersecurity and…
GitLab Duo Vulnerability Exploited to Inject Malicious Links and Steal Source Code
A security vulnerability was recently discovered in GitLab Duo, the AI-powered coding assistant integrated into GitLab and based on Anthropic’s Claude models. Security researchers from…
FBI warns of Luna Moth extortion attacks targeting law firms
The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in…
New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data
A disturbing new formjacking malware has emerged, specifically targeting WooCommerce-based e-commerce sites to steal sensitive credit card information, as recently uncovered by the Wordfence Threat…
In Other News: Volkswagen App Hacked, DR32 Sentenced, New OT Security Solution
SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories…
Root for Your Friends · Joseph Thacker
Heads‑up: The concept of this post might seem trivial, but it can improve your career, happiness, and the people you care about. Proceed without caution.…
EU Targets Stark Industries in Cyberattack Sanctions Crackdown
The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing new restrictive measures against 21 individuals and 6 entities. This…