New supply chain attack hits npm registry, compromising 40+ packages
New supply chain attack hits npm registry, compromising 40+ packages Pierluigi Paganini September 16, 2025 Researchers uncovered a new supply...
attack
Self-Replicating Worm Compromising Hundreds of NPM Packages
An ongoing supply chain attack dubbed "Shai-Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm...
Ongoing npm Software Supply Chain Attack Exposes New Risks
Last updated 7:00 p.m. ET on September 16, 2025 The post Ongoing npm Software Supply Chain Attack Exposes New Risks...
ShinyHunters Attack National Credit Information Center of Vietnam
ShinyHunters Attack National Credit Information Center of Vietnam Pierluigi Paganini September 14, 2025 Vietnam’s National Credit Information Center (CIC) was...
Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week
Image: SizeSquare's/Adobe Stock In a massive attack on the JavaScript ecosystem, unidentified hackers have compromised a series of npm (Node...
Supply chain attack targets npm, +2 Billion weekly npm downloads exposed
Supply chain attack targets npm, +2 Billion weekly npm downloads exposed Pierluigi Paganini September 09, 2025 Multiple popular npm packages...
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Sep 08, 2025Ravie LakshmananSupply Chain Attack / API Security Salesloft has revealed that the data breach linked to its Drift...
Under lock and key: Safeguarding business data with encryption
Business Security As the attack surface expands and the threat landscape grows more complex, it’s time to consider whether your...
An MDR Analysis of the AMOS Stealer Campaign Targeting macOS via ‘Cracked’ Apps
Conclusion Our analysis revealed a sophisticated multistage attack that relies on social engineering to trick victims, uses domain rotation techniques...
An MDR Analysis of the AMOS Stealer Campaign Targeting macOS via ‘Cracked’ Apps
Conclusion Our analysis revealed a sophisticated multistage attack that relies on social engineering to trick victims, uses domain rotation techniques...
Marks and Spencer confirms data breach after April cyber attack
Marks and Spencer confirms data breach after April cyber attack Pierluigi Paganini May 13, 2025 Marks and Spencer (M&S) confirms...
Top 5 Cybersecurity Automation Tools Transforming Risk Management
The expanding attack surface and growing regulatory requirements have created an unsustainable workload for cybersecurity teams relying on manual processes....
A cyber attack briefly disrupted South African Airways operations
A cyber attack briefly disrupted South African Airways operations Pierluigi Paganini May 09, 2025 A cyberattack briefly disrupted South African...
Indirect prompt injection attacks target common LLM data sources
While the shortest distance between two points is a straight line, a straight-line attack on a large language model isn’t...
From Managing Vulnerabilities to Managing Exposure: The Critical Shift You Can’t Ignore
Vulnerability management remains core to reducing cyber risk — but as the attack surface grows, teams need a risk-driven strategy...
