A new actor has emerged within cyberspace—Water Curse, a threat group that since March 2023 has been...
Supply Chain Attack
In recent times, cybercriminals have increasingly shifted their focus from deploying malware to employing subtle manipulations rooted...
Amid a surge in increasingly sophisticated software supply chain attacks, cybersecurity experts have identified a new wave...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an official warning: threat actors are actively...
Two malicious packages were recently discovered within the widely used JavaScript package registry, npm. Beneath their seemingly...
A large-scale supply chain attack has been identified on the NPM platform: threat actors compromised 17 widely...
A recently uncovered malicious campaign is leveraging GitHub as a trap for security professionals, gamers, and even...
Hackers have compromised the official website of RVTools—a widely used utility for managing VMware virtual infrastructures—and replaced...
Malicious actors have once again targeted the npm ecosystem, this time through a package named “os-info-checker-es6”, which...
The group known as Earth Ammit, affiliated with Chinese-speaking APT entities, conducted two waves of targeted attacks...
Threat actors uploaded a malicious package to the official PyPI repository, disguised as a legitimate tool for...
Researchers at Socket have uncovered a new attack targeting the macOS version of the popular source code...
Three malicious components have been discovered within the Go programming module ecosystem, capable of triggering complete data...
The threat of software supply chain compromise has once again resurfaced: the Ripple-recommended library “xrpl.js”, used for...
Experts at Socket have uncovered a new software supply chain attack involving counterfeit npm libraries masquerading as...