North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
Ravie LakshmananMar 02, 2026Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview...
attack
Iran Has One Card Left—It’s Pointed at Your Network
In light of today’s attack by the U.S. and Israel on Iran, it is prudent to ask: What can...
How vCISO Services Reduce Cyber Risk Without Increasing Costs?
Smaller organizations are increasingly under attack, with ransomware emerging as the dominant threat. According to the Verizon 2025 Data...
How to understand and avoid Advanced Persistent Threats
By definition, an advanced persistent threat (APT) is a prolonged, targeted attack on a specific victim with the intention to compromise...
What to Know About the Notepad++ Supply-Chain Attack
Blogs Blog In this post we examine the mechanics of the CVE-2025-15556 supply-chain attack and provide actionable steps to...
Untrusted repositories turn Claude code into an attack vector
Untrusted repositories turn Claude code into an attack vector Pierluigi Paganini February 25, 2026 Flaws in Anthropic’s Claude Code could...
From Exposure to Assurance: How CTEM and MITRE INFORM Enable Modern Cyber Defense
For large enterprises, cybersecurity has become a problem of scale, confidence, and accountability. Attack surfaces are expanding faster than...
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily...
Germany’s national rail operator Deutsche Bahn hit by a DDoS attack
Germany’s national rail operator Deutsche Bahn hit by a DDoS attack Pierluigi Paganini February 19, 2026 Germany’s national rail operator,...
Fintech firm Figure disclosed data breach after employee phishing attack
Fintech firm Figure disclosed data breach after employee phishing attack Pierluigi Paganini February 14, 2026 Fintech firm Figure confirmed a...
Senegal shuts National ID office after ransomware attack
Senegal shuts National ID office after ransomware attack Pierluigi Paganini February 10, 2026 Senegal closed its national ID card office...
Italian university La Sapienza still offline to mitigate recent cyber attack
Italian university La Sapienza still offline to mitigate recent cyber attack Pierluigi Paganini February 07, 2026 Rome’s La Sapienza University...
Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare
Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare Pierluigi Paganini February 06, 2026 AISURU/Kimwolf botnet hit...
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index...
How DataDome Stopped Millions of Ticket Scalping Bots Targeting a Global Sports Organization
Between January 8–13, 2026, a global sports organization was targeted by a scalping attack. Over six days, attackers launched more...
