Cybersecurity researchers have discovered a cybercrime campaign that’s using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef. “The objective is to lure victims into downloading and installing a trojanized PDF editor, which includes an information-stealing malware dubbed TamperedChef,” Truesec researchers Mattias Wåhlén, Nicklas Go to Source Author:
Author Archives: Onsite Computing, Inc.
Google reports that the Salesloft Drift breach is larger than initially thought, warning that attackers also used stolen OAuth tokens to access Google Workspace email accounts in addition to Salesforce data. […] Go to Source Author: Lawrence Abrams
Three federal agencies were parties to a global security advisory this week warning about the extensive threat posed by Chinese nation-state actors targeting network devices. Go to Source Author: Alexander Culafi
The credit reporting agency said the breach was “limited to specific data elements” and didn’t include credit reports or core credit information. Go to Source Author: Kristina Beek
The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned two individuals and two companies associated with North Korean IT worker schemes that operate at the expense of American organizations. […] Go to Source Author: Bill Toulas
Flashpoint published its 2025 midyear ransomware report that highlighted the top five most prolific groups currently in operation. Go to Source Author: Arielle Waldman
One of the most sophisticated supply chain attacks to date caused immense amounts of data to leak to the Web in a matter of hours. Go to Source Author: Nate Nelson, Contributing Writer
Google is working to resolve authentication failures preventing users from signing into their Clever and ClassLink accounts on some ChromeOS devices. […] Go to Source Author: Sergiu Gatlan
Dark Reading Confidential Episode 9: Join us for a look around today’s Dark Web, and find out how law enforcement, AI, nation-state activities, and more are reshaping the way cybercriminals conduct their dirty business online. Keith Jarvis, senior security researcher at Sophos’ Counter Threat Unit joins Dark Reading’s Alex Culafi for a conversation you don’t […]
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named “ahbanC.shiba” that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld – Go […]