-
Russian regional carrier KrasAvia is grappling with a major IT outage after what appears to be a cyberattack. Passengers have been unable to buy tickets online, and flight operations have been forced to switch to manual procedures. The airline confirme…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Krasnoyarsk Regional Airlines (KrasAvia) confirmed a sophisticated cyberattack that has rendered its primary online services inoperable. The breach targeted the airline’s web portal and associated back-end systems, including the Passenger Service System (PSS) and flight planning applications. As a result, passengers are currently unable to complete e-ticket purchases or check in online, prompting KrasAvia to […] The post Russian Airline Suffered Cyberattack Website and Other Systems Affected appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The JavaScript ecosystem experienced one of its most sophisticated and damaging supply chain attacks in September 2025, when a novel self-replicating worm dubbed “Shai-Hulud” compromised over 477 npm packages, marking the first successful automated propagation campaign in the npm registry’s history. This attack represents a significant evolution in supply chain threats, leveraging both social engineering and […] The post Lessons Learned From Massive npm Supply Chain Attack Using “Shai-Hulud” Self-Replicating Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A threat actor who gained initial access through a SonicWall VPN device was able to escalate their attack by finding Huntress recovery codes saved in a plaintext file on a user’s desktop. This allowed the attacker to log into the client’s security portal, where they attempted to remediate incident reports and uninstall security agents to […] The post How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A major supply chain attack dubbed “Shai-Halud” has impacted the JavaScript ecosystem by targeting over 477 NPM packages, raising serious concerns among developers and organizations relying on software from the Node Package Manager (NPM) re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers documenting over 40,000 API incidents across more than 4,000 monitored environments. This surge represents …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new supply chain attack has compromised multiple npm packages maintained by the crowdstrike-publisher account, marking a worrying continuation of the so-called “Shai-Halud attack.” Developers and organizations using these packages should take immedia…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury retail giant Kering has confirmed a major data breach affecting its top fashion houses, including Gucci, Balenciaga, and Alexander McQueen. The cybercriminal group known as Shiny Hunters claims to have stolen private details tied to as many as 7…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new variation of the Rowhammer attack, named Phoenix, breaks through the built-in defenses of modern DDR5 memory modules. Researchers reverse-engineered the in-DRAM protections on SK Hynix chips and found blind spots that let them flip bits desp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its third-party suppliers exposed contact details and travel histories of some passengers. No banking or password data were involved. The company says it is treatin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
