Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UX20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer's account was compromised in a phishing attack. The attack targeted Josh Junon (aka Qix), who received an email message that mimicked npm ("support@npmjs[.]help"), urging them to update their update their two-factor authentication (2FA) credentials before September 10, 2025, by clicking on
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage
Threat hunters have discovered a set of previously unreported domains, some going back to May 2020, that are associated with China-linked threat actors Salt Typhoon and UNC4841. "The domains date back several years, with the oldest registration activity occurring in May 2020, further confirming that the 2024 Salt Typhoon attacks were not the first activity carried out by this group," Silent Push
Treasury Department targets Southeast Asia scam hubs with sanctions
Cybercrime hubs in Southeast Asia scammed Americans out of at least $10 billion last year, a 66% increase from 2023, officials said. The post Treasury Department targets Southeast Asia scam hubs with sanctions appeared first on CyberScoop.
18 Popular Code Packages Hacked, Rigged to Steal Crypto
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency. But experts warn that a similar attack with a slightly more nefarious payload...
SentinelOne Announces Plans to Acquire Observo AI
The combined company will help customers separate data ingestion from SIEM to improve threat detection and response.
'MostereRAT' Malware Blends In, Blocks Security Tools
A threat actor is using a sophisticated EDR-killing malware tool in a campaign to maintain long-term, persistent access on Windows systems.
Salesloft Drift security incident started with undetected GitHub access
The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment. The post Salesloft Drift security incident started with undetected GitHub access appeared first on CyberScoop.
Salesloft Breached via GitHub Account Compromise
The breach kickstarted a massive supply chain attack that led to the compromise of hundreds of Salesforce instances through stolen OAuth tokens.
Signed Copies of Rewiring Democracy
When I announced my latest book last week, I forgot to mention that you can pre-order a signed copy here. I will ship the books the week of 10/20, when it is published.
CISA pushes final cyber incident reporting rule to May 2026
The agency will consider streamlining the CIRCIA rule and finding ways to deconflict with other cyber regulations. The post CISA pushes final cyber incident reporting rule to May 2026 appeared first on CyberScoop.
Supreme Court blocks FTC commissioner Slaughterβs reinstatement
As some observers predicted, Democratic commissioners are racking up lower court victories, but the highest court in the country appears skeptical. The post Supreme Court blocks FTC commissioner Slaughterβs reinstatement appeared first on CyberScoop.
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. It's currently not known how the digital intruders gained access to the GitHub account.
Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: ReportΒ
Chinaβs APT41 sent out malicious emails on behalf of Rep. John Moolenaar to collect information ahead of US-China trade talks. The post Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report appeared first on SecurityWeek.
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become commonplace in recent years, the latest activity gives it a little twist of its own: Embedding a GitHub commit into a page URL containing
PromptLock Only PoC, but AI-Powered Ransomware Is Real
PromptLock is only a prototype of LLM-orchestrated ransomware, but hackers already use AI in file encryption and extortion attacks. The post PromptLock Only PoC, but AI-Powered Ransomware Is Real appeared first on SecurityWeek.
The Critical Failure in Vulnerability Management
Organizations are seeking assistance to fix critical vulnerabilities. Solutions that orchestrate and automate network device protection put us on the right path.
Salesloft GitHub Account Compromised Months Before Salesforce Attack
The list of impacted cybersecurity firms has been expanded to include BeyondTrust, Bugcrowd, CyberArk, Cato Networks, JFrog, and Rubrik. The post Salesloft GitHub Account Compromised Months Before Salesforce Attack appeared first on SecurityWeek.
AI in Government
Just a few months after Elon Muskβs retreat from his unofficial role leading the Department of Government Efficiency (DOGE), we have a clearer picture of his vision of government powered by artificial intelligence, and it has a lot more to do with consolidating power than benefitting the public. Even so, we must not lose sight of the fact that a different administration could wield the same technology to advance a more...
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack
The private repositories of hundreds of organizations were published publicly in the second phase of the Nx supply chain attack. The post Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack appeared first on SecurityWeek.
45 New Domains Linked to Salt Typhoon, UNC4841
The China-backed threat actors have used the previously undiscovered infrastructure to obtain long-term, stealthy access to targeted organizations.
β‘ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the newsβitβs knowing which risks matter most right now. Thatβs what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the
You Didnβt Get Phished β You Onboarded the Attacker
When Attackers Get Hired: Todayβs New Identity Crisis What if the star engineer you just hired isnβt actually an employee, but an attacker in disguise? This isnβt phishing; itβs infiltration by onboarding. Meet βJordan from Colorado,β who has a strong resume, convincing references, a clean background check, even a digital footprint that checks out. On day one, Jordan logs into email and attends
Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach
Canadian firm Wealthsimple says a data breach impacts the information of some customers, but accounts and funds remain secure. The post Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach appeared first on SecurityWeek.
Noisy Bear Campaign Targeting Kazakhstan Energy Sector Outed as a Planned Phishing Test
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April 2025. "The campaign is targeted towards employees of KazMunaiGas or KMG where the threat entity
Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April 2025. "The campaign is targeted towards employees of KazMunaiGas or KMG where the threat entity
Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys
A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. "The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating private keys and mnemonic seeds to a Telegram bot controlled by the threat actor," Socket researcher
GOP Cries Censorship Over Spam Filters That Work
The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google's CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followed media reports accusing Gmail of disproportionately flagging messages from the GOP fundraising platform WinRed and sending them to the spam folder. But according to...
Friday Squid Blogging: The Origin and Propagation of Squid
New research (paywalled): Editorβs summary: Cephalopods are one of the most successful marine invertebrates in modern oceans, and they have a 500-million-year-old history. However, we know very little about their evolution because soft-bodied animals rarely fossilize. Ikegami et al. developed an approach to reveal squid fossils, focusing on their beaks, the sole hard component of their bodies. They found that squids...
How Has IoT Security Changed Over the Past 5 Years?
Experts see subtle improvements from new laws and best practices, but much work remains.
Critical SAP S/4HANA Vulnerability Under Attack, Patch Now
Exploitation of CVE-2025-42957 requires "minimal effort" and can result in a complete compromise of the SAP system and host OS, according to researchers.
Anyone Using Agentic AI Needs to Understand Toxic Flows
The biggest vulnerabilities may lie at the boundaries of where the AI agent connects with the enterprise system.
My Latest Book: Rewiring Democracy
I am pleased to announce the imminent publication of my latest book, Rewiring Democracy: How AI will Transform our Politics, Government, and Citizenship: coauthored with Nathan Sanders, and published by MIT Press on October 21. Rewiring Democracy looks beyond common tropes like deepfakes to examine how AI technologies will affect democracy in five broad areas: politics, legislating, administration, the judiciary, and...
Secretive MaaS Group 'TAG-150' Develops Novel 'CastleRAT'
TAG-150 is running a multifaceted and relatively successful malware-as-a-service operation, without advertising itself on the Dark Web.
NYU team behind AI-powered malware dubbed βPromptLockβΒ
Researchers at NYUβs Tandon School of Engineering confirmed they created the code as part of a project to illustrate potential harms of AI-powered malware. The post NYU team behind AI-powered malware dubbed βPromptLockβ appeared first on CyberScoop.
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-53690, carries a CVSS score of 9.0 out of a maximum of 10.0, indicating critical severity. "Sitecore Experience Manager (XM), Experience