News

GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say

Bys s June 17, 2026

Alexander Martin reports: GitHub rejected two formal vulnerability reports identifying design flaws that researchers say are enabling variants of the Shai-Hulud supply-chain worm to infect and compromise hundreds of software packages and developer accounts worldwide. The reports, submitted by threat intelligence group Deep Specter Research through GitHub’s bug disclosure channel on HackerOne, were both closed…

Source

News

Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Bys s April 17, 2025

Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent websites that masquerade as legitimate software like…

Read More Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
News

Hackers target Taliban databases
Bys s February 6, 2025

Habib Mohammadi reports: A group of unidentified hackers has breached the Taliban’s databases, leaking documents from 21 ministries and government agencies, some of which appear to be classified, according to reports circulating online. The leaked files reportedly include documents from the Taliban-controlled ministries of finance, justice, foreign affairs, information and culture, telecommunications, and mining, as…

Read More Hackers target Taliban databases
News

Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters
Bys s March 6, 2025

Elizabeth Montalbano reports: Someone claiming to represent the BianLian ransomware group is sending top executives from various organizations snail-mail extortion letters informing them that their IT network has been compromised and threatening to delete or leak sensitive company data. Sending physical letters through the mail system is an unusual move for a cybercriminal group, which typically sends…

Read More Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters
News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Bys s April 10, 2026

Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that’s designed to stealthily infect all integrated development environments (IDEs) on a developer’s machine. The technique has been discovered in an Open VSX extension named “specstudio.code-wakatime-activity-tracker,” which masquerades as WakaTime, a

Read More GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
News

Breaches Within Breaches: Contractual Obligations After a Security Incident
Bys s April 19, 2025

Roma Patel writes: We often cover consumer class action complaints against companies regarding the privacy and security of personal information. However, litigation can also arise from alleged breach of contract between two companies. This week, we will analyze a medical diagnostic testing laboratory’s April 2025 complaint against its managed services provider for its alleged failure…

Read More Breaches Within Breaches: Contractual Obligations After a Security Incident
News

NL: Dutch healthcare software vendor goes dark after ransomware attack
Bys s April 8, 2026

Connor Jones reports: A Dutch healthcare software vendor has been knocked offline following a ransomware attack, officials say. ChipSoft‘s website went down on April 7 and remains unreachable at the time of writing. The company provides hospitals with patient record software, serving around 80 percent of all facilities in the country. The ransomware element of……

Read More NL: Dutch healthcare software vendor goes dark after ransomware attack

Similar Posts