Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to information theft and data exfiltration.

The president and former prime minister were among targets of hackers selling highly sensitive data.

Une enquête a été ouverte et confiée à la brigade de lutte contre la cybercriminalité.

Un groupe de hackers russe a volé près de 200 Go de données à une entreprise de placement suisse et les a divulgués sur le darknet.

Un ancien ministre de Vladimir Poutine et la famille du patron d'une entreprise publique russe, impliquée dans l'effort de guerre, se retrouvent dans les données inédites repérées par la RTS. Des liens avec la place financière suisse sont mis en lumière.
Ces révélations proviennent des documents confidentiels de la société de gestion de fortune zurichoise Finaport. Tout commence en janvier 2023 lorsque l'entreprise, sponsor officiel de l'Open de tennis de Zoug, est victime d'un piratage, comme le révélait le site Watson.

Cybercrime crew BianLian says it has broken into the IT systems of a top nonprofit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data.

As highlighted by VX-Underground and Emsisoft threat analyst Brett Callow earlier today, BianLian bragged on its website it had hit an organization that, based on the gang's description of its unnamed victim, looks to be Save The Children International. The NGO, which employs about 25,000 people, says it has helped more than a billion kids since it was founded in 1919.

In June 2023, Bitdefender Labs published a research paper about espionage operation in East Asia. This operation was ongoing since at least the beginning of 2022, showing a high level of sophistication typically associated with state-sponsored groups. Despite trying various methods, we have been unable to attribute these attacks to a specific threat actor, but the target aligns with the interest of China-based threat actors.

Plugins can return malicious content and hijack your AI.

We are working diligently to understand the scope of the incident and identify what specific information has been accessed.

A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.

This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.

Web users enter their email addresses into online forms for a variety of reasons, including signing in or signing up for a service or subscribing to a newsletter. While enabling such functionality, email addresses typed into forms can also be collected by third-party scripts even when users change their minds and leave the site without submitting the form.