-
Hackers are increasingly exploiting cloud identity and access management systems, and a methodical, sophisticated, and multi-layered attack, where a threat actor we track as Storm-2949 launched a relentless campaign with a singular focus: to exfiltrate…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are increasingly abusing shared Content Delivery Network (CDN) infrastructure to bypass domain-reputation-based security controls using a newly identified technique called “Underminr.” Underminr is not a conventional software flaw but an inhere…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have been observed disguising a malicious Linux payload under an SSH-like filename during software installation, as part of a coordinated supply chain attack targeting developer ecosystems. The attack hinges on a hidden post-install script embe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitHub has introduced a major security enhancement to the npm ecosystem with the general availability of staged publishing and new install-time controls in npm CLI version 11.15.0. These updates are designed to reduce software supply chain risks, parti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly observed cyber campaign linked to the Iranian IRGC-affiliated threat group Nimbus Manticore (also tracked as UNC1549) highlights an evolution in both delivery tactics and malware sophistication. The activity, uncovered during the ongoing geopol…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A major evolution in the Kazuar malware family, a long-standing cyber espionage tool linked to the Russian state-sponsored threat group Secret Blizzard, also known as Turla and Venomous Bear. Kazuar historically supported espionage campaigns targeting …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have launched a large-scale software supply chain attack targeting developers across npm, PyPI, and Crates.io, compromising at least 34 open-source packages and hundreds of associated versions. Security researchers at Socket are tracking the ca…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated espionage campaign by the Iran-nexus advanced persistent threat group known as Screening Serpens also tracked as UNC1549 and Smoke Sandstorm deploying a newly identified remote access Trojan (RAT) family called MiniUpdate against target…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NGINX users are facing a critical security issue after F5 disclosed a new vulnerability, tracked as CVE-2026-9256, affecting the widely used ngx_http_rewrite_module. The flaw, dubbed “Nginx-poolslip,” can allow attackers to trigger denial-of-service (D…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CypherLoc is a sophisticated browser-lock scareware designed to drive victims to fraudulent tech support calls. It evades scanners and sandboxes by executing in an encrypted, condition-based manner inside the browser. Security teams should have robust …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
