Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack
Jul 20, 2025Ravie LakshmananDevOps / Threat Intelligence Cybersecurity researchers have alerted to a supply chain attack that has targeted popular...
Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers
Jul 20, 2025Ravie LakshmananVulnerability / Threat Intelligence A newly disclosed critical security flaw in CrushFTP has come under active exploitation...
China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
Jul 18, 2025Ravie LakshmananSurveillance / Mobile Security Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that's...
UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
Jul 18, 2025Ravie LakshmananCyber Espionage / Malware Multiple sectors in China, Hong Kong, and Pakistan have become the target of...
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Jul 18, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been...
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
Jul 18, 2025Ravie LakshmananCyber Attack / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a...
Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
Jul 18, 2025Ravie LakshmananCloud Security / AI Security Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA...
Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
Jul 18, 2025Ravie LakshmananBotnet / Network Security Google on Thursday revealed it's pursuing legal action in New York federal court...
From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations...
Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Jul 17, 2025Ravie LakshmananMalware / Social Engineering Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute...
