packages
-
Researchers Warn of Cyber Weapons Used by Lazarus Group’s Andariel Cluster
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber…
Read More » -
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository
Three additional rogue Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious…
Read More » -
Malicious npm Packages Aim to Target Developers for Source Code Theft
An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and…
Read More » -
Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel
In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages…
Read More » -
Over a Dozen Malicious npm Packages Target Roblox Game Developers
More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023…
Read More » -
Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection
Threat actors are using Android Package (APK) files with unknown or unsupported compression methods to elude malware analysis. That’s according…
Read More » -
Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks
Active flaws in the PowerShell Gallery could be weaponized by threat actors to pull off supply chain attacks against the…
Read More » -
North Korean Hackers Suspected in New Wave of Malicious npm Packages
The npm package registry has emerged as the target of yet another highly targeted attack campaign that aims to entice…
Read More » -
Hackers Abusing Cloudflare Tunnels for Covert Communications
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and…
Read More » -
North Korean Hackers Targets Russian Missile Engineering Firm
Two different North Korean nation-state actors have been linked to a cyber intrusion against the major Russian missile engineering company…
Read More »