⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
Mar 24, 2025Ravie LakshmananWeekly Recap / Hacking A quiet tweak in a popular open-source tool opened the door to a ...
Tag: network security
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
Mar 24, 2025Ravie LakshmananMalware / Encryption Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace ...
How to Balance Password Security Against User Experience
Mar 24, 2025Ravie LakshmananPassword Security / Compliance If given the choice, most users are likely to favor a seamless experience ...
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
Mar 24, 2025Ravie LakshmananVulnerability / Web Security A critical security flaw has been disclosed in the Next.js React framework that ...
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, ...
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
Mar 22, 2025Ravie LakshmananFinancial Security / Cryptocurrency The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, ...
Cisco Partner Incentive Timing, Payout And Rebate Changes Revealed: Exclusive
Details are emerging from Cisco Channel Chief Rodney Clark on the timing of some of the changes coming for partners ...
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Mar 21, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have uncovered a new threat actor named UAT-5918 that has been ...
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
Mar 21, 2025Ravie LakshmananRansomware / BYOVD The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a ...
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families
Mar 21, 2025Ravie LakshmananCybercrime / Cyber Espionage The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been ...
Trending.
