Developers are facing a sophisticated new threat as cybercriminals launch targeted phishing campaigns against npm package maintainers, using advanced typosquatting techniques to steal credentials and potentially compromise the software supply chain.
A recent incident has revealed the alarming sophistication of these attacks, which specifically...
A new ransomware variant dubbed NailaoLocker is making waves in cybersecurity circles for its sophisticated deployment of the Chinese SM2 cryptographic standard, a first among ransomware strains targeting Microsoft Windows systems.
Discovered by FortiGuard Labs, NailaoLocker raises the stakes in the global cyber threat landscape with...
eSentire’s Threat Response Unit (TRU) has uncovered a highly sophisticated attack campaign leveraging Zoho WorkDrive to deliver the increasingly prevalent PureRAT malware, targeting a certified public accounting firm in the United States in May 2025.
This operation highlights the evolving tactics of cybercriminals, who...
A recent targeted cyberattack against government IT services in Africa has been attributed to the Chinese-speaking threat group APT41, marking a significant expansion of the group’s activity in the region.
Kaspersky’s Managed Detection and Response (MDR) analysts uncovered the operation, which leveraged advanced techniques,...
A critical security vulnerability (CVE-2025-34300) has been discovered in Lighthouse Studio, the widely-used survey software suite developed by Sawtooth Software.
This flaw enables remote code execution (RCE) on web servers hosting their Perl CGI scripts, potentially granting attackers complete control over affected systems.
Assetnote,...
June 2025 has witnessed the emergence of a formidable new ransomware, KAWA4096, which exploits Windows Management Instrumentation (WMI) to erase shadow copies and maximize its destructive impact on victims.
Security experts at SpiderLabs have been actively monitoring KAWA4096, which, in less than a month,...