Stay Updated with the Latest Tech News


Get ahead of the curve with the latest insights, trends, and analysis in the tech world.


North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages

The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader. "These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation

Published on: April 05, 2025 | Source: The Hacker News

Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data

Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information and test stolen credit card data. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered

Published on: April 05, 2025 | Source: The Hacker News

Friday Squid Blogging: Two-Man Giant Squid

The Brooklyn indie art-punk group, Two-Man Giant Squid, just released a new album. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Published on: April 04, 2025 | Source: Schneier on Security

Gmail Is Not a Secure Way to Send Sensitive Comms: A Friendly Reminder

New end-to-end Gmail encryption alone isn't secure enough for an enterprise's most sensitive and prized data, experts say.

Published on: April 04, 2025 | Source: Dark Reading

Gmail for Sensitive Comms: What's the Risk?

Is the new end-to-end Google Workspace Gmail encryption secure enough for an enterprise's most sensitive and prized data? Our experts weigh in.

Published on: April 04, 2025 | Source: Dark Reading

CISA Warns: Old DNS Trick 'Fast Flux' Is Still Thriving

An old DNS switcheroo technique is still helping attackers keep their infrastructure alive. But is it really a pressing issue in 2025?

Published on: April 04, 2025 | Source: Dark Reading

Senators re-up bill to expand Secret Service’s financial cybercrime authorities

The bipartisan legislation would strengthen the agency’s authorities to investigate criminal activity tied to digital assets.

Published on: April 04, 2025 | Source: CyberScoop

Minnesota Tribe Struggles After Ransomware Attack

Hotel and casino operations for the Lower Sioux Indians have been canceled or postponed, and the local health center is redirecting those needing medical or dental care.

Published on: April 04, 2025 | Source: Dark Reading

Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe

A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number of adjudicated cases in which the expert's testimony may have been pivotal.

Published on: April 04, 2025 | Source: Krebs on Security

Call Records of Millions Exposed by Verizon App Vulnerability

A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application.

Published on: April 04, 2025 | Source: SecurityWeek

Medusa Rides Momentum From Ransomware-as-a-Service Pivot

Shifting to a RaaS business model has accelerated the group's growth, and targeting critical industries like healthcare, legal, and manufacturing hasn't hurt either.

Published on: April 04, 2025 | Source: Dark Reading

In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired

Noteworthy stories that might have slipped under the radar: Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber Command.

Published on: April 04, 2025 | Source: SecurityWeek

Trump fires Gen. Timothy Haugh from leadership of Cyber Command and NSA

Gen. Haugh is one of the most high-profile national security officials to be removed by President Trump in the early months of his second term.

Published on: April 04, 2025 | Source: CyberScoop

CISA Layoffs Are a Momentary Disruption, Not a Threat

Layoffs may cause short-term disruptions, but they don't represent a catastrophic loss of cybersecurity capability — because the true cyber operations never resided solely within CISA to begin with.

Published on: April 04, 2025 | Source: Dark Reading

Secure Communications Evolve Beyond End-to-End Encryption

Signal, Wickr, WhatsApp, and Cape all have different approaches to security and privacy, yet most are finding ways to make secure communications more private.

Published on: April 04, 2025 | Source: Dark Reading

State Bar of Texas Says Personal Information Stolen in Ransomware Attack

The State Bar of Texas is notifying thousands of individuals that their personal information was stolen in a February ransomware attack.

Published on: April 04, 2025 | Source: SecurityWeek

SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the "tj-actions/changed-files" GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. "The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular open-source tool for

Published on: April 04, 2025 | Source: The Hacker News

US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations

US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations.

Published on: April 04, 2025 | Source: SecurityWeek

Troy Hunt Gets Phished

In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading. EDITED TO ADD (4/14): Commentary from Adam Shostack and Cory Doctorow.

Published on: April 04, 2025 | Source: Schneier on Security

Have We Reached a Distroless Tipping Point?

There’s a virtuous cycle in technology that pushes the boundaries of what’s being built and how it’s being used. A new technology development emerges and captures the world's attention. People start experimenting and discover novel applications, use cases, and approaches to maximize the innovation's potential. These use cases generate significant value, fueling demand for the next iteration of

Published on: April 04, 2025 | Source: The Hacker News

Oracle Confirms Cloud Hack

Oracle has confirmed suffering a data breach but the tech giant is apparently trying to downplay the impact of the incident.

Published on: April 04, 2025 | Source: SecurityWeek

Critical Apache Parquet Vulnerability Leads to Remote Code Execution

A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise.

Published on: April 04, 2025 | Source: SecurityWeek

Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack

Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.

Published on: April 04, 2025 | Source: SecurityWeek

Rafts of Security Bugs Could Rain Out Solar Grids

At least three major energy solution and renewable energy companies have nearly 50 vulnerabilities — many of them "basic" mistakes — indicating a lack of developed cybersecurity safeguards.

Published on: April 04, 2025 | Source: Dark Reading

Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware

Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure product that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems. "A stack-based buffer overflow in Ivanti

Published on: April 04, 2025 | Source: The Hacker News

OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers

A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider called Proton66 to facilitate their operations. The findings come from DomainTools, which detected the activity after it discovered a phony website named cybersecureprotect[.]com hosted on Proton66 that masqueraded as an antivirus service. The threat intelligence firm said it

Published on: April 04, 2025 | Source: The Hacker News

CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use of compromised email accounts to send phishing messages containing links pointing to legitimate

Published on: April 04, 2025 | Source: The Hacker News

Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code

A maximum severity security vulnerability has been disclosed in Apache Parquet's Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances. Apache Parquet is a free and open-source columnar data file format that's designed for efficient data processing and retrieval, providing support for complex data, high-performance

Published on: April 04, 2025 | Source: The Hacker News

China-backed espionage group hits Ivanti customers again

UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.

Published on: April 03, 2025 | Source: CyberScoop

Microsoft Boosts Email Sender Rules for Outlook

Beginning on May 5, the tech giant will enforce new email authentication protocols for Outlook users who send large volumes of email.

Published on: April 03, 2025 | Source: Dark Reading

China-Linked Threat Group Exploits Ivanti Bug

The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution.

Published on: April 03, 2025 | Source: Dark Reading

Disclosure Drama Clouds CrushFTP Vulnerability Exploitation

CrushFTP CEO Ben Spink slammed several cybersecurity companies for creating confusion around a critical authentication bypass flaw that's currently under attack.

Published on: April 03, 2025 | Source: Dark Reading

International intelligence agencies raise the alarm on fast flux

The NSA and its partners want organizations to protect themselves against the technique, which can be tough to spot.

Published on: April 03, 2025 | Source: CyberScoop

Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. "These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection," Microsoft said in a report shared with The

Published on: April 03, 2025 | Source: The Hacker News