Blog
SSH Keys Stolen by Stream of Malicious PyPI and npm Packages
The attackers utilized typosquatting and code modifications to trick developers into installing malicious packages and continuously refined their techniques to evade detection.
China’s BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The...
Swan Retail Cyberattack Woes Continue for Independent UK Retailers
The attacks have caused significant problems for retailers, with issues such as inventory management and order fulfillment still not resolved. Retailers have reported glitches and loss of sales due to the cyberattack.
Swan Retail Cyberattack Woes Continue for Independent UK Retailers
The attacks have caused significant problems for retailers, with issues such as inventory management and order fulfillment still not resolved. Retailers have reported glitches and loss of sales due to the cyberattack.
The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in...
Cannot Depend on Dependabot: Found Contributing Malicious Code
Threat actors meticulously fabricated commit messages to mimic Dependabot's automated contributions to mask the malevolent activities they were indulging in. Between July 8 and July 11, an unidentified threat actor began compromising a multitude of GitHub...
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset. The intrusions, targeting a Middle Eastern telecommunications organization and an Asian government, took...
Chinese State-Sponsored BlackTech Hackers Caught Hiding in Cisco Router Firmware
A Chinese state-sponsored APT called BlackTech has been caught hacking into network edge devices and using firmware implants to stay hidden and silently hop around the corporate networks of U.S. and Japanese multinational companies.
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
The leaked data from Snatch's victim shaming site reveals that the group's darknet site attracts a significant number of visitors from Russia, potentially indicating their source of victims.
RICO Class-Action Data Privacy Lawsuit Filed Against H&R Block, Google, Meta
The suit claims that the companies violated data privacy laws by sharing customer tax return data without adequate disclosure, potentially creating targeted advertising dossiers.
FREE GUIDE