Beware: GitHub repos distributing Atomic Infostealer on macOS
Beware: GitHub repos distributing Atomic Infostealer on macOS Pierluigi Paganini September 22, 2025 LastPass warns macOS users of fake GitHub...
Malware
ESET uncovers Gamaredon–Turla collaboration in Ukraine cyberattacks
ESET uncovers Gamaredon–Turla collaboration in Ukraine cyberattacks Pierluigi Paganini September 21, 2025 ESET found evidence that Russia-linked groups Gamaredon and...
Security Affairs newsletter Round 542 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 542 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini September 21, 2025 A new round of...
A cyberattack on Collins Aerospace disrupted operations at major European airports
A cyberattack on Collins Aerospace disrupted operations at major European airports Pierluigi Paganini September 20, 2025 A cyberattack on Collins...
CISA warns of malware deployed through Ivanti EPMM flaws
CISA warns of malware deployed through Ivanti EPMM flaws Pierluigi Paganini September 20, 2025 The U.S. Cybersecurity and Infrastructure Security...
CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader
Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs...
Smashing Security podcast #435: Lights! Camera! Hacktion!
When “bad actors” stop being hackers and start being… actual actors. This week, Graham and special guest Jenny Radcliffe play...
New supply chain attack hits npm registry, compromising 40+ packages
New supply chain attack hits npm registry, compromising 40+ packages Pierluigi Paganini September 16, 2025 Researchers uncovered a new supply...
Self-Replicating Worm Compromising Hundreds of NPM Packages
An ongoing supply chain attack dubbed "Shai-Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm...
Ongoing npm Software Supply Chain Attack Exposes New Risks
Last updated 7:00 p.m. ET on September 16, 2025 The post Ongoing npm Software Supply Chain Attack Exposes New Risks...
Chinese-Made Villager AI Pentest Tool Raises Cobalt Strike-Like Concerns
Villager is being pitched as a legitimate AI-powered pentest tool for red teams, but the platform, made by Chinese company...
Cybercrime group accessed Google Law Enforcement Request System (LERS)
Cybercrime group accessed Google Law Enforcement Request System (LERS) Pierluigi Paganini September 16, 2025 Google found threat actors created a...
Anthropic Report Shows Bad Actors Abusing Claude in Attacks
A recent report from AI giant Anthropic outlined multiple instances where threat actors abused its Claude LLM in their nefarious...
China-linked Mustang Panda deploys advanced SnakeDisk USB worm
China-linked Mustang Panda deploys advanced SnakeDisk USB worm Pierluigi Paganini September 16, 2025 China-linked APT group Mustang Panda has been spotted...
Attacks with Stealerium malware spike
Intrusions deploying the Stealerium information-stealing malware have escalated from May to August following an over a year-long lull, reports ITPro.Threat...
