Security researchers at Reversing Labs have uncovered a sophisticated supply chain attack targeting the npm ecosystem, specifically affecting Ethereum development libraries. The attack involves two malicious packages that demonstrate advanced persistence capabilities, remaining active even after their removal from the system. Advanced Persistent Threat: Understanding the Attack Mechanism The discovered malicious packages, ethers-provider2 and ethers-providerz, … Read more

Security researchers at Silent Push have uncovered a sophisticated phishing campaign targeting Counter-Strike 2 players through an advanced browser-in-the-browser (BiTB) attack technique. The operation employs meticulously crafted fake Steam login windows that are virtually indistinguishable from legitimate authentication portals. Sophisticated Social Engineering Leverages Gaming Community Trust The threat actors have orchestrated their campaign by impersonating … Read more

Security researchers at ReversingLabs have uncovered a significant security breach in the Visual Studio Code marketplace, where two extensions were found containing hidden ransomware capabilities. The compromised extensions, identified as “ahban.shiba” and “ahban.cychelloworld,” managed to evade detection for several months, highlighting critical vulnerabilities in the marketplace’s security verification process. Technical Analysis of the Malicious Extensions … Read more

Cybersecurity researchers have concluded their investigation into a sophisticated supply chain attack targeting GitHub Actions, revealing that while 23,000 repositories utilized the compromised tj-actions/changed-files component, only 218 repositories experienced actual secret exposure. The investigation uncovered that cryptocurrency exchange Coinbase was the primary target, with subsequent propagation occurring as collateral damage. Attack Vector Analysis: Supply Chain … Read more

A significant global security incident affecting DrayTek routers has emerged, causing widespread disruptions across multiple countries. Network administrators and security professionals are reporting systematic failures characterized by connection losses and recursive reboots across various DrayTek router models, indicating a potential large-scale security breach or critical firmware malfunction. Incident Analysis and Impact Assessment Major internet service … Read more

Security researchers at watchTowr Labs have uncovered a severe remote code execution (RCE) vulnerability in Veeam Backup & Replication, a widely-deployed enterprise backup solution. The vulnerability, tracked as CVE-2025-23120, received a critical CVSS score of 9.9 out of 10, affecting all version 12 builds up to 12.3.0.310, putting numerous organizations at significant risk. Understanding the … Read more

Blizzard Entertainment has implemented significant security policy changes for World of Warcraft Classic’s hardcore mode following a series of sophisticated Distributed Denial of Service (DDoS) attacks. These targeted cyber assaults have resulted in unprecedented character losses and severe gameplay disruptions, highlighting the growing challenges of maintaining security in modern gaming environments. Anatomy of the DDoS … Read more

A significant data breach affecting Keenetic router users has been revealed by CyberNews, exposing sensitive network configurations and device settings of over one million customers. The incident, which occurred in March 2023, predominantly impacted users in Russia and highlights serious concerns about IoT device security and cloud backup configurations. Breach Scope and Compromised Data Analysis … Read more

Cloudflare has announced a significant security enhancement for its API infrastructure, mandating HTTPS-only connections starting March 20, 2025. This decisive move will completely eliminate HTTP access to api.cloudflare.com, marking a crucial step forward in protecting sensitive data transmission and strengthening API security protocols. Understanding the Security Implications of HTTPS-Only API Access The transition to mandatory … Read more

A significant security breach has been discovered in Oracle’s cloud infrastructure, potentially exposing sensitive data of over 6 million users. Despite Oracle’s official denials, mounting evidence suggests a widespread compromise of the company’s federated SSO servers, raising serious concerns about cloud security integrity. Breach Details and Attack Vector Analysis The security incident came to light … Read more