A large-scale npm supply chain attack has compromised dozens of official packages under the @redhat-cloud-services scope, … Massive npm Supply Chain Attack Targets Red Hat PackagesRead more
malware
North Korean Hackers Exploit Packagist to Target PHP Developers
A sophisticated software supply chain attack linked to the Famous Chollima Packagist attack has exposed a … North Korean Hackers Exploit Packagist to Target PHP DevelopersRead more
Grandoreiro Malware Resurfaces, Targeting Banks and Businesses
The Grandoreiro malware—a long-standing banking trojan active since 2016—has returned with new campaigns targeting financial institutions … Grandoreiro Malware Resurfaces, Targeting Banks and BusinessesRead more
InvisibleFerret Malware Now Ships as Compiled .pyd and .so Files to Evade Script Detection
The North Korea-linked threat actor known as Void Dokkaebi (also tracked as Famous Chollima) has quietly … InvisibleFerret Malware Now Ships as Compiled .pyd and .so Files to Evade Script DetectionRead more
How 1,350+ Cybercrime Servers Hid in Middle East Networks
The telecommunications and hosting infrastructure of the Middle East has evolved into a primary backbone for … How 1,350+ Cybercrime Servers Hid in Middle East NetworksRead more
Signed Lenovo Driver Abuse Lets Attackers Kill EDR Defenses
A newly uncovered vulnerability in a legitimate Lenovo driver is raising serious concerns across the cybersecurity … Signed Lenovo Driver Abuse Lets Attackers Kill EDR DefensesRead more
China-Linked Cyber Espionage Exploits Global Telecoms via New ‘Showboat’ Malware
A sophisticated, state-sponsored cyber espionage campaign is quietly compromising international telecommunications infrastructure. Security researchers have unveiled … China-Linked Cyber Espionage Exploits Global Telecoms via New ‘Showboat’ MalwareRead more
Trust No Download: How Hackers Weaponized HWMonitor to Steal Data
In a classic case of digital “wolf in sheep’s clothing,” threat actors are now exploiting the … Trust No Download: How Hackers Weaponized HWMonitor to Steal DataRead more
Critical Vulnerability in Cline AI Agent Allows Remote Code Execution
A serious security flaw has been uncovered in the Cline Kanban server that puts developers’ workspace … Critical Vulnerability in Cline AI Agent Allows Remote Code ExecutionRead more
Beware the Hidden Threat in Your GitHub Job Test: North Korean Hackers’ Sneaky New Trick
If you’re a software developer, you probably know the drill when it comes to job applications: … Beware the Hidden Threat in Your GitHub Job Test: North Korean Hackers’ Sneaky New TrickRead more