packages
-
Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks
Active flaws in the PowerShell Gallery could be weaponized by threat actors to pull off supply chain attacks against the…
Read More » -
North Korean Hackers Suspected in New Wave of Malicious npm Packages
The npm package registry has emerged as the target of yet another highly targeted attack campaign that aims to entice…
Read More » -
Hackers Abusing Cloudflare Tunnels for Covert Communications
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and…
Read More » -
North Korean Hackers Targets Russian Missile Engineering Firm
Two different North Korean nation-state actors have been linked to a cyber intrusion against the major Russian missile engineering company…
Read More » -
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate…
Read More » -
North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder
North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the JumpCloud hack following an…
Read More » -
Banking Sector Targeted in Open-Source Software Supply Chain Attacks
Cybersecurity researchers said they have discovered what they say is the first open-source software supply chain attacks specifically targeting the…
Read More » -
North Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain Attack
An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered evidence pointing to the involvement…
Read More » -
Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware
The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called…
Read More » -
Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps
Threat actors are taking advantage of Android’s WebAPK technology to trick unsuspecting users into installing malicious web apps on Android…
Read More »