Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Axios npm Package Compromised in Targeted Supply Chain Attack Linked to UNC1069
The Axios JavaScript library, one of the most downloaded packages in the npm ecosystem with around 100 million weekly installs, ...
Malicious npm Strapi Plugins Highlight Escalating Software Supply Chain Threats
A campaign involving 36 malicious npm packages disguised as plugins for the Strapi CMS has exposed how easily attackers can ...
North Korean APTs Turn GitHub and Dropbox into Stealthy C2 Infrastructure
North Korean state-linked threat actors are increasingly abusing legitimate cloud services such as GitHub and Dropbox as covert command-and-control (C2) ...
Linux Servers Under Fire from Cookie-Controlled PHP Web Shell Attacks
Linux web servers are facing a rise in attacks where adversaries use HTTP cookies as a covert control channel for ...
Drift Protocol Hack on Solana: Durable Nonce Abuse, Fake Token Collateral and a Suspected DPRK Link
The decentralized derivatives exchange Drift Protocol, built on the Solana blockchain, has confirmed a major security incident: on 1 April ...
Why SOC Teams Need Cross-Platform Malware Analysis to Stop Multi-OS Attacks
Enterprise attack surfaces are no longer defined by a single operating system. Corporate environments typically combine Windows workstations, macOS laptops ...
Apple Expands iOS 18.7.7 Security Update to Fight DarkSword Exploit Kit
Apple has taken the unusual step of broadening access to the iOS 18.7.7 and iPadOS 18.7.7 security update for a ...
CERT-UA Exposes AGEWHEEZE RAT Distributed via AI-Enhanced Phishing Campaign
The Ukrainian Computer Emergency Response Team (CERT-UA) has disclosed a new targeted phishing campaign in which attackers masqueraded as the ...
Water Saci’s Casbaneiro–Horabot Phishing Campaign Targets Latin America and Europe
A large-scale, multi-stage phishing campaign is targeting Spanish-speaking users in enterprises across Latin America and several European countries. The operation ...
New WhatsApp Malware Campaign Uses VBS Scripts and AnyDesk for Stealthy Remote Access
Microsoft Defender researchers have identified a new targeted WhatsApp malware campaign that distributes malicious VBS scripts and establishes long-term remote ...
