Sansec uncovered a supply chain attack via 21 backdoored Magento extensions
Sansec uncovered a supply chain attack via 21 backdoored Magento extensions Pierluigi Paganini May 05, 2025 Supply chain attack via...
Malware
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting...
US authorities have indicted Black Kingdom ransomware admin
US authorities have indicted Black Kingdom ransomware admin Pierluigi Paganini May 05, 2025 A 36-year-old Yemeni man behind Black Kingdom...
Malicious Go Modules designed to wipe Linux systems
Malicious Go Modules designed to wipe Linux systems Pierluigi Paganini May 04, 2025 Researchers found 3 malicious Go modules with...
Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini May 04, 2025 A new round of...
Rhysida Ransomware gang claims the hack of the Government of Peru
Rhysida Ransomware gang claims the hack of the Government of Peru Pierluigi Paganini May 03, 2025 The Rhysida Ransomware gang...
DragonForce group claims the theft of data after Co-op cyberattack
DragonForce group claims the theft of data after Co-op cyberattack Pierluigi Paganini May 03, 2025 Hackers claim Co-op cyberattack is...
Luxury department store Harrods suffered a cyberattack
Luxury department store Harrods suffered a cyberattack Pierluigi Paganini May 02, 2025 Harrods confirmed a cyberattack, following similar incidents suffered...
MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks
The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. "MintsLoader operates...
Report Exposes Soft Security Underbelly of Mobile Computing
Zimperium, this week during the 2025 RSA Conference, shared an analysis of mobile computing environments that finds more than 60%...
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
Hive0117 group targets Russian firms with new variant of DarkWatchman malware Pierluigi Paganini May 01, 2025 Hive0117 targets Russian firms...
Russia-linked group Nebulous Mantis targets NATO-related defense organizations
Russia-linked group Nebulous Mantis targets NATO-related defense organizations Pierluigi Paganini April 30, 2025 PRODAFT researchers warn of Russia-linked APT group...
Smashing Security podcast #415: Hacking hijinks at the hospital, and WASPI scams
He’s not a pop star, but Jeffrey Bowie is alleged to have toured staff areas of a hospital in Oklahoma,...
France links Russian APT28 to attacks on dozen French entities
France links Russian APT28 to attacks on dozen French entities Pierluigi Paganini April 30, 2025 France blames Russia-linked APT28 for...
-Apr-29-2025-01-33-58-6552-PM.jpeg "Revived CryptoJS library is a crypto stealer in disguise")
Revived CryptoJS library is a crypto stealer in disguise
An illicit npm package called ‘crypto-encrypt-ts‘ may appear to revive the unmaintained but vastly popular CryptoJS library, but what it...
