10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux
29
Oct
2025

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Oct 29, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a set of 10 malicious npm packages that are…

Hackers Allegedly Claim Breach Of HSBC USA Customers' Records Including Financial Details
29
Oct
2025

Hackers Allegedly Claim Breach Of HSBC USA Customers’ Records Including Financial Details

A threat actor has claimed responsibility for breaching HSBC USA, alleging possession of a vast database containing sensitive customer personal…

10 NPM Packages That Automatically Run on Install and Steal Credentials
29
Oct
2025

10 NPM Packages That Automatically Run on Install and Steal Credentials

A sophisticated supply chain attack involving ten malicious npm packages that execute automatically upon installation and deploy a comprehensive credential…

Privado.ai introduces AI agents to automate privacy assessments and real-time data mapping
29
Oct
2025

Privado.ai introduces AI agents to automate privacy assessments and real-time data mapping

Privado.ai released several new capabilities to automate privacy assessments and data maps for privacy teams amid growing privacy enforcement for…

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog
29
Oct
2025

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 29, 2025 U.S….

Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User
29
Oct
2025

Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User

A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS…

XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
29
Oct
2025

XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining

A critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware…

Palo Alto Networks launches Prisma AIRS 2.0 to deliver end-to-end security across the AI lifecycle
29
Oct
2025

Palo Alto Networks launches Prisma AIRS 2.0 to deliver end-to-end security across the AI lifecycle

Palo Alto Networks announced Prisma AIRS 2.0, a major platform upgrade that completes the native integration of recently acquired Protect…

Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack
29
Oct
2025

Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack

Oct 29, 2025Ravie LakshmananVulnerability / Malware Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and…

Herodotus Android malware mimics human typing to evade detection
29
Oct
2025

Herodotus Android malware mimics human typing to evade detection

Herodotus Android malware mimics human typing to evade detection Pierluigi Paganini October 29, 2025 Threat Fabric researchers spotted Herodotus Android…

Microsoft Sued for Allegedly Misleading Millions to Subscribe for Microsoft 365 Subscriptions
29
Oct
2025

Microsoft Sued for Allegedly Misleading Millions to Subscribe for Microsoft 365 Subscriptions

Australia’s competition regulator has filed legal proceedings against Microsoft for allegedly misleading approximately 2.7 million Australian consumers regarding subscription options…

Beast Ransomware Targets Active SMB Connections to Infect Entire Networks
29
Oct
2025

Beast Ransomware Targets Active SMB Connections to Infect Entire Networks

A sophisticated ransomware operation known as Beast has emerged as a significant cybersecurity threat, employing aggressive network propagation tactics that…