Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
Apr 23, 2025Ravie LakshmananBlockchain / Cryptocurrency The Ripple cryptocurrency npm JavaScript library…
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Apr 22, 2025Ravie LakshmananIoT Security / Malware Cybersecurity researchers have detailed a…
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP)…
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Apr 22, 2025Ravie LakshmananCyber Espionage / Threat Intelligence The China-linked cyber espionage…
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Apr 21, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have flagged a new…
5 Reasons Device Management Isn’t Device Trust
The problem is simple: all breaches start with initial access, and initial…
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
Apr 18, 2025Ravie LakshmananWindows Security / Vulnerability The U.S. Cybersecurity and Infrastructure…
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
Apr 18, 2025Ravie LakshmananIoT Security / Malware Cybersecurity researchers are warning of…
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been linked to…