Zapier’s NPM Account Hacked, Multiple Packages Infected with Malware
Zapier’s NPM account has been successfully compromised, leading to the injection of the Shai Hulud malware into 425 packages currently distributed across the npm ecosystem.…
Cybersecurity experts at Certo Software have discovered a new Android spyware called RadzaRat. This malware is a Remote Access Trojan (RAT) that gives criminals full…
New research from CrowdStrike has revealed that DeepSeek’s artificial intelligence (AI) reasoning model DeepSeek-R1 produces more security vulnerabilities in response to prompts that contain topics…
Open-source components power nearly all modern software, but they’re often buried deep in massive codebases—hiding severe vulnerabilities. For years, software bills of materials (SBOMs) have…
Cybersecurity researchers have uncovered a sophisticated Python-based malware that employs process injection techniques to hide inside legitimate Windows binaries. This threat represents a new evolution…
The rapid proliferation of large language models has transformed how organizations approach automation, coding, and research. Yet this technological advancement presents a double-edged sword: threat…
Grafana Labs has issued a warning regarding a maximum-severity security flaw, identified as CVE-2025-41115, affecting its Enterprise product. The vulnerability can allow attackers to impersonate…
Salesforce has issued a new update on the ongoing Salesforce Gainsight security incident, confirming additional details about the unusual activity detected across Gainsight-published applications connected…
The recent Salesloft Drift breach offered a sobering reminder of how easily trust can be weaponized in today’s SaaS and AI-integrated environments. In this incident,…
Microsoft has confirmed a critical Windows 11 24H2 bug that causes the File Explorer, the Start Menu, and other key system components to crash after…
A sophisticated phishing campaign is currently leveraging a subtle typographical trick to bypass user vigilance, deceiving victims into handing over sensitive login credentials. Attackers utilize…
AI attack agents are accelerators, not autonomous weapons: the Anthropic attack (Pierluigi Paganini, November 24, 2025). Why today’s AI attack agents boost human attackers but…