DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Threat actors with ties to the Democratic People's Republic of Korea (aka…
LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer
Sep 20, 2025Ravie LakshmananSoftware Security / Malware LastPass is warning of an…
HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks
Chinese-speaking users are the target of a search engine optimization (SEO) poisoning…
FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks
The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert…
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Sep 08, 2025Ravie LakshmananSupply Chain Attack / API Security Salesloft has revealed…
Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers
Sep 03, 2025Ravie LakshmananMalware / Social Engineering Cybersecurity researchers have discovered two…
Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
Aug 24, 2025Ravie LakshmananMalware / Supply Chain Security Cybersecurity researchers have discovered…
How to Stop Python Supply Chain Attacks—and the Expert Tools You Need
Aug 07, 2025The Hacker NewsDevSecOps / Supply Chain Security Python is everywhere…
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a…