Slopsquatting: How Attackers Exploit AI-Generated Package Names
TL;DR AI coding assistants can hallucinate package names, creating phantom dependencies that don’t exist in official repositories. Attackers exploit...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
Stryker Down! Iranians Hack the Healthcare Sector Technology Provider
Stryker, a major medical equipment provider for the healthcare sector, has suffered a destructive cyberattack that wiped corporate data...
Spotlight On: Amazon, a New Principal Participating Organization
Welcome Amazon, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of...
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global...
USENIX Security ’25 (Enigma Track) – Digital Product Safety: Rejecting Software As Magic
Author, Creator & Presenter:Lisa LeVasseur Our thanks to USENIX Security ’25 (Enigma Track) (USENIX ’25 for publishing their Creators,...
Randall Munroe’s XKCD ‘Carbon Dating’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security...
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a...
A Cyber Resilience Agenda: Inside the European Central Bank’s 2026–2028 Priorities
How Cybersecurity Became the Defining Challenge for European Banks *** This is a Security Bloggers Network syndicated blog from...
It looks like Macs are becoming the value option
As a result, the number of people Apple can offer a Mac to is growing as rapidly as the product...
Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes
Ravie LakshmananMar 11, 2026Artificial Intelligence / Browser Security Agentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute...
Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
Ravie LakshmananMar 11, 2026 Vulnerability / Application Security Cybersecurity researchers have disclosed details of two now-patched security flaws in the...
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
Ravie LakshmananMar 11, 2026Cybercrime / Artificial Intelligence Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers...
Evil evolution: ClickFix and macOS infostealers
This campaign – use of a popular and up-to-date lure notwithstanding – has all the hallmarks of a ‘classic’ ClickFix...
USENIX Security ’25 (Enigma Track) – Everything Old Is New Again: Legal Restrictions On Vulnerability Disclosure On Bug Bounty Platforms
Author, Creator & Presenter: Kendra Albert, Albert Sellars LLP Our thanks to USENIX Security ’25 (Enigma Track) (USENIX ’25...
Navigating 2026’s Converged Threats: Insights from Flashpoint’s Global Threat Intelligence Report
Blogs Blog In this post, we preview the critical findings of the 2026 Global Threat Intelligence Report, highlighting how...