Malicious Open Source Packages Spike 188% YoY
Malicious Open Source Packages Spike 188% YoY According to a new report from Sonatype, malicious open source packages have surged by 188% year on year. This spike highlights a concerning…
Suspected Hacker Linked to Silk Typhoon Arrested in Milan
Italian police arrested 33-year-old Xu Zewei, a Chinese national wanted by the FBI for alleged industrial espionage. The arrest occurred at Milan’s Malpensa airport, and he is accused of attempting…
Hackers ‘Shellter’ Various Stealers in Red-Team Tool to Evade Detection
Hackers ‘Shellter’ Various Stealers in Red-Team Tool to Evade Detection Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework.…
4 Critical Steps in Advance of 47-Day SSL/TLS Certificates
Summary The decision to reduce the maximum lifespan of SSL/TLS certificates to just 47 days by 2029 is causing a significant shift in how organisations manage their digital trust. As…
TAG-140 Targets Indian Government Via ‘ClickFix-Style’ Lure
TAG-140 Targets Indian Government Via ‘ClickFix-Style’ Lure A hacking group known as TAG-140 has been targeting Indian government bodies with a modified remote access Trojan (RAT) in a campaign utilizing…
Know Your Enemy: Understanding Dark Market Dynamics
Summary Cybercrime is not just a fringe activity; it has evolved into a sophisticated marketplace. This article explores how dark web markets operate, highlighting their similarities to traditional retail, including…
SatanLock Next in Line for Ransomware Group Shutdowns
SatanLock Next in Line for Ransomware Group Shutdowns SatanLock, a relatively new player in the ransomware game, has announced its closure via its Telegram channel and Dark Web leak site.…
Microsoft Patches 137 CVEs in July, but No Zero-Days
Microsoft’s July security update has addressed 137 vulnerabilities, notably without any zero-day flaws. Among these, 17 vulnerabilities are identified as high-risk, particularly affecting remote code execution in crucial applications like…
North American APT Uses Exchange Zero-Day to Attack China
Summary A North American advanced persistent threat (APT) has been exploiting an unknown zero-day vulnerability in Microsoft Exchange to gather sensitive intelligence from China’s military and tech industries. Researchers from…
Browser Exploits Wane as Users Become the Attack Surface
Summary As enterprise security evolves, browser exploits are on the decline, with attackers switching tactics to exploit users directly. Despite ongoing browser vulnerabilities, actual browser attacks are decreasing as they…