A recent investigation by cybersecurity researchers has brought to light a critical software supply chain…
Tag: malicious
Cybersecurity & Digital Privacy
Continue Reading
Malware-Slop: New Malicious npm Package Exfiltrates Sensitive AI Tool Data and Exposes Threat Actor’s Operational Flaw
Cybersecurity researchers have unveiled a sophisticated, yet ironically flawed, information-stealing operation codenamed "Malware-Slop," involving a…
Cybersecurity & Digital Privacy
Continue Reading
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Cybersecurity researchers have unveiled an alarming new automated campaign dubbed "Megalodon," which rapidly injected 5,718…
Cybersecurity & Digital Privacy
Continue Reading
A Coordinated Supply Chain Attack Targets Packagist, Deploying Malicious Linux Binaries Through Cross-Ecosystem Package Manipulation
A sophisticated and coordinated supply chain attack campaign has recently been uncovered, impacting at least…
Blockchain & Web3
Continue Reading
Microsoft Threat Intelligence Confirms Malicious Code Injected into Mistral AI Software Package, Exposing Developers to Credential Theft
Microsoft Threat Intelligence has confirmed that malicious code was deliberately inserted into a Mistral AI…
Cybersecurity & Digital Privacy
Continue Reading
DAEMON Tools Software Hit by Sophisticated Supply Chain Attack Serving Malicious Payloads
A newly identified and highly sophisticated supply chain attack has targeted the widely used DAEMON…
Cybersecurity & Digital Privacy
Continue Reading
Google Fortifies Android Ecosystem with Enhanced Privacy Controls and AI-Powered Fraud Prevention, Blocking Over 8.3 Billion Malicious Ads
Google has recently unveiled a comprehensive suite of policy updates for its Play Store and…
Cybersecurity & Digital Privacy
Continue Reading
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
A significant cybersecurity alert has been issued following the discovery of 36 malicious packages within…
Cybersecurity & Digital Privacy
Continue Reading
Popular HTTP Client Axios Hit by Sophisticated Supply Chain Attack, Malicious Versions Deliver Cross-Platform Remote Access Trojan.
The widely-adopted HTTP client Axios has been at the center of a significant supply chain…
Cybersecurity & Digital Privacy
Continue Reading
Open VSX Fail-Open Bug Allowed Malicious VS Code Extensions to Bypass Security Scans
Cybersecurity researchers have unveiled critical details concerning a recently patched vulnerability that compromised Open VSX’s…
