Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories
Nov 11, 2025Ravie LakshmananSoftware Supply Chain / Malware Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats...
LakshmananSoftware
Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed
Sep 25, 2025Ravie LakshmananSoftware Security / Malware Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called...
LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer
Sep 20, 2025Ravie LakshmananSoftware Security / Malware LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS...
SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws
Sep 10, 2025Ravie LakshmananSoftware Security / Vulnerability SAP on Tuesday released security updates to address multiple security flaws, including three...
Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys
Sep 06, 2025Ravie LakshmananSoftware Security / Cryptocurrency A new set of four malicious packages have been discovered in the npm...
Development Software Unveils Fixes for 6 Deficiencies in WhatsUp Gold – Update Immediately
Sep 27, 2024Ravie LakshmananSoftware Security / Vulnerability Development Software has unveiled another set of patches to deal with six security...
The Latest PondRAT Malware Concealed in Python Bundles Aiming at Programmers
September 23, 2024Ravie LakshmananSoftware Safety / Supply Chain Hackers associated with North Korea have been seen utilizing tainted Python bundles...
SolarWinds Releases Update for Critical ARM Vulnerability Enabling Remote Code Execution Attacks
Sep 17, 2024Ravie LakshmananSoftware Security / Data Protection SolarWinds has rolled out solutions to rectify two security vulnerabilities in its...
Developments in WhatsUp Gold Security Concerns Hours Following PoC Release for Crucial Vulnerability
Sep 13, 2024Ravie LakshmananSoftware Security / Threat Intelligence Cybercriminals are possibly using publicly accessible proof-of-concept (PoC) exploits for freshly revealed...
GitHub Actions Prone to Typographical Errors, Exposing Developers to Concealed Malicious Code
September 6, 2024Ravie LakshmananSoftware Security / Hacking Cybercriminals have frequently exploited typographical errors to deceive unsuspecting users into visiting harmful...
Deceptive npm Packages Imitating ‘noblox.js’ Put Roblox Developers’ Systems at Risk
Sep 02, 2024Ravie LakshmananSoftware Security / Malware Roblox software developers are being targeted in an ongoing scheme aiming to compromise...
Alert! CISA Identifies Crucial Apache OFBiz Vulnerability Amid Ongoing Exploitation Reports
August 28, 2024Ravie LakshmananSoftware Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an announcement on Tuesday...
Alert Regarding Critical Apache OFBiz Vulnerability Issued by CISA Amid Reports of Ongoing Exploitation
Aug 28, 2024Ravie LakshmananSoftware Security / Vulnerability An important update was made by the U.S. Cybersecurity and Infrastructure Security Agency...
Significant Weaknesses in Traccar GPS System Make Users Vulnerable to Remote Attacks
Aug 26, 2024Ravie LakshmananSoftware Security / Vulnerability Two security vulnerabilities have surfaced in the open-source Traccar GPS tracking system that...
Critical Vulnerability in Copilot Studio by Microsoft Addressed Through Patches, Revealing Confidential Data
Aug 21, 2024Ravie LakshmananSoftware Security / Vulnerability Researchers in the field of cybersecurity have reported a significant flaw in Microsoft's...
