Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation
Nov 07, 2025Ravie LakshmananSupply Chain Attack / Malware A set of nine…
Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension…
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack
Oct 31, 2025Ravie LakshmananMalware / Browser Security A suspected nation-state threat actor…
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
The North Korean threat actor linked to the Contagious Interview campaign has…
Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months
A threat actor with ties to China has been attributed to a…
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk
Think your WAF has you covered? Think again. This holiday season, unmonitored…
Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories
A security weakness has been disclosed in the artificial intelligence (AI)-powered code…
Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors
The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken…
LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents
Jun 17, 2025Ravie LakshmananVulnerability / LLM Security Cybersecurity researchers have disclosed a…