Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack
A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.
Fonte
securityweek.com
15articoli totali nell'archivio
Caught Off Guard: Securing AI After It Hits Production
How security organizations can manage the rapid progression of AI applications moving from the experimentation phase into…
Real-World ICS Security Tales From the Trenches
Industrial control system (ICS) security experts and companies share their most memorable experiences from the field.
Virtual Event Today: Threat Detection & Incident Response Summit
Threat Detection & Incident Response Summit explores tools, strategies, and frameworks needed to build a resilient cybersecurity…
GitHub Confirms Hack Impacting 3,800 Internal Repositories
GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code…
Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top…
Verizon’s 2026 DBIR shows vulnerability exploitation was the top breach vector in 2025 as AI accelerated attacks, ransomware…
Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation
Drupal is warning users that it’s preparing a patch for a ‘highly critical’ vulnerability that may be exploited shortly after its…
Microsoft Disrupts Malware-Signing Service Run by 'Fox Tempest'
Microsoft has disrupted the Fox Tempest cybercrime service that has been helping threat actors distribute ransomware and other…
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent threats.
Unpatched ChromaDB Vulnerability Can Lead to Server Takeover
An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server takeover.
B1ack's Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards
The B1ack’s Stash dark web carding marketplace has released 4.6 million stolen credit card records as a free download.
Cyber Resilience is the New Business Continuity Plan
Cyber resilience and risk management are front and center of continuity planning and must be treated as such
201 Arrested in Crackdown on Cybercrime in Middle East, North Africa
201 individuals were arrested and 53 servers seized in Operation Ramz, targeting phishing and malware threats in the MENA region.
PoC Released for DirtyDecrypt Linux Kernel Vulnerability
PoC code has been released for DirtyDecrypt, a recently patched Linux kernel vulnerability allowing privilege escalation to root.
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking
Universal Robots PolyScope 5 is affected by CVE-2026-8153, a vulnerability that can be exploited to hack industrial robots.