DevSecOpsDangerous npm package ‘patches’ legitimate software with malwareLaura FrenchMarch 26, 2025The malware targets the “ethers” package and opens a reverse shell.
Data SecurityLeak of US strike plans to The Atlantic underscores risk of data seepageShaun NicholsMarch 26, 2025Human error often at center of data leaks from secured messaging platforms like the recent leak of U.S. strikes on Houthi rebels in Yemen.
IdentityAtlantis AIO tool automates credential stuffing across 140 platformsSteve ZurierMarch 26, 2025New tool can test millions of stolen credentials with minimal effort to run account takeovers.
Network SecurityChinese hackers spend years roaming telecommunications serviceShaun NicholsMarch 25, 2025China Chopper malware allowed threat group "Weaver Ant" to remain undetected for years.
IdentityFate of DNA data raises privacy, identity issues in 23andMe bankruptcySteve ZurierMarch 25, 2025Privacy advocates worry how the DNA data will be managed during company's Chapter 11 proceedings.
Network SecurityFCC vows to track down sanctioned Chinese telecoms banned from USShaun NicholsMarch 24, 2025U.S.-based carriers blocked from using China-based services and equipment.
RansomwareMedusa ransomware deployed via malicious Windows driverSteve ZurierMarch 24, 2025Driver with expired certificate evades EDR controls and deploys Medusa ransomware.
AI/MLNorth Korea launches hacking hub focused on artificial intelligenceShaun NicholsMarch 21, 2025"Research Center 227" reportedly focused on using AI for cyberattacks.
AI/MLPopular AI tools tricked to create malware for Chrome browserSteve ZurierMarch 21, 2025Cato Networks researchers create jailbreak method where hacking is normal in an alternate reality.
Network SecurityRooted, jailbroken mobile devices pose security risk to organizationsShaun NicholsMarch 20, 2025One out of every 1,000 devices it encounters have either been rooted (Android) or jailbroken (iOS).
