While no sensitive financial data like credit card information was compromised, the threat actors were able to get away with names, email addresses, phone numbers, and more. Go to Source Author: Kristina Beek
Category Archives: Uncategorized
Silver Fox is the Hannah Montana of Chinese threat actors, effortlessly swapping between petty criminal and nation-state-type attacks. Go to Source Author: Nate Nelson, Contributing Writer
A software developer discovered a way to abuse an undocumented protocol in Amazon’s Elastic Container Service to escalate privileges, cross boundaries, and gain access to other cloud resources. Go to Source Author: Rob Wright
As part of their plea deal, the cybercriminal founders will also have to forfeit more than $200 million. Go to Source Author: Kristina Beek
A whole criminal ecosystem revolves around scamming users out of their crypto assets, but malicious — or vulnerable — smart contracts could be used against businesses as well. Go to Source Author: Robert Lemos, Contributing Writer
When an organization’s credentials are leaked, the immediate consequences are rarely visible—but the long-term impact is far-reaching. Far from the cloak-and-dagger tactics seen in fiction, many real-world cyber breaches begin with something deceptively simple: a username and password. According to Verizon’s 2025 Data Breach Investigations Report, leaked credentials accounted for 22% of breaches Go to […]
A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users. The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket. […]
A newly discovered campaign dubbed GreedyBear has leveraged over 150 malicious extensions to the Firefox marketplace that are designed to impersonate popular cryptocurrency wallets and steal more than $1 million in digital assets. The published browser add-ons masquerade as MetaMask, TronLink, Exodus, and Rabby Wallet, among others, Koi Security researcher Tuval Admoni said. What makes […]
The threat actors behind the SocGholish malware have been observed leveraging Traffic Distribution Systems (TDSs) like Parrot TDS and Keitaro TDS to filter and redirect unsuspecting users to sketchy content. “The core of their operation is a sophisticated Malware-as-a-Service (MaaS) model, where infected systems are sold as initial access points to other cybercriminal organizations,” Silent […]
Python is everywhere in modern software. From machine learning models to production microservices, chances are your code—and your business—depends on Python packages you didn’t write. But in 2025, that trust comes with a serious risk. Every few weeks, we’re seeing fresh headlines about malicious packages uploaded to the Python Package Index (PyPI)—many going undetected until […]