Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
When our CEO received an invitation to appear on “Bloomberg Crypto,” he immediately recognized the hallmarks of a sophisticated social engineering campaign. What appeared to be a legitimate media opportunity was, in fact, the latest operation by ELUSIVE COMET—a threat actor responsible for millions in cryptocurrency theft through carefully constructed social engineering attacks.
This post details our encounter with ELUSIVE COMET, explains their attack methodology targeting the Zoom remote control feature, and provides concrete defensive measures organizations can implement to protect themselves.
The crosswalk buttons, which include audio alerts, were hacked over the weekend.
A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls.
Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.
Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to information theft and data exfiltration.
DaVita has not named the ransomware group behind the incident or share details on the attacker’s ransom demands
The Rhysida ransomware gang claims to have stolen 2.5 Tb of files from the Oregon Department of Environmental Quality.
SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that domain
In March 2025, our team found a suspicious mach-O file named wsus. Read the full analysis on its likely origins, target users, and observed functionality.
In the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads.
Microsoft on Tuesday issued a warning over the increasing use of Node.js for the delivery of malware and other malicious payloads.
The tech giant has been seeing such attacks aimed at its customers since October 2024 and some of the observed campaigns are still active in April 2025.
We dive into one of the most sophisticated and impactful ecosystems within the global cybercrime landscape. Our research looks at tools and techniques, specialized forums, popular services, plus a deeply ingrained culture of secrecy and collaboration.
The notorious BreachForums online hacker marketplace appears to have been seized yet again. This time, it has been claimed by fellow hacktivst gang the Dark Storm Team – the same group believed responsible for last month’s massive outage of Elon Musk’s X.
It all coincides with rumors swirling on social media Tuesday about the arrest of “IntelBroker,” one of BreachForums’ major players.
The pro-Palestinian hacktivist group posted about the Breached takeover on its Dark Storm Team telegram channel early Tuesday morning (ET), claiming to have carried out the distributed denial-of-service (DDoS) attack “for fun.”
Le réseau informatique de l'UCBA a été la cible d'une cyberattaque. L'association a immédiatement mis en place les mesures de sécurité nécessaires et a saisi les autorités compétentes. Une analyse approfondie sur les faits est en cours.
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract…
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry.
China on Tuesday accused three alleged employees of the U.S. National Security Agency of carrying out cyberattacks on the Asian Winter Games in February.
American business service behemoth Conduent has confirmed the January data breach resulted in hackers stealing customer details, although there’s no evidence that the info was leaked online.
The attack hit the company in mid-January this year, Conduent confirmed on a FORM-8K filing with the SEC. Attackers penetrated digital defenses and accessed a “limited portion” of Conduent’s environment.
Several of Conduent’s clients experienced disruption in the initial days of the attack. For example, Wisconsin’s Department of Children and Families said the outage impacted payees who receive their payments via an electronic transfer system.
Un tribunal de Cracovie a condamné le 14 février deux Russes pour leur campagne de recrutement pour Wagner. Une opération directement pilotée depuis la Russie. Les détails du procès permettent de comprendre les contours de la "guerre hybride" que mène Moscou à l'Europe. - "Rejoignez-nous" : ce que révèle le procès de deux agents de Wagner sur leur activité en Europe (International).
