News

Putting the dampener on tamperers

Bys s May 8, 2025

Taking a dive into Sophos Tamper Protection

News

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed
Bys s September 25, 2025

Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased on May 25, 2025, amassing 8,424 downloads in total, according to software supply…

Read More Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed
News

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
Bys s September 9, 2025

Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer’s account was compromised in a phishing attack. The attack targeted Josh Junon (aka Qix), who received an email message that mimicked npm (“support@npmjs[.]help”), urging them to update their update their two-factor authentication (2FA) credentials before September 10, 2025,…

Read More 20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
News

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
Bys s September 30, 2025

Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution (SIEM) as a unified agentic platform with the general availability of the Sentinel data lake. In addition, the tech giant said it’s also releasing a public preview of Sentinel Graph and Sentinel Model Context Protocol (MCP) server. “With graph-based context,…

Read More Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers
Bys s September 18, 2025

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. “SilentSync is capable of remote command execution, file exfiltration, and screen capturing,” Zscaler ThreatLabz’s Manisha Ramcharan Prajapati and Satyam Singh said. “SilentSync also extracts

Read More SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers
News

Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US
Bys s February 6, 2025

DeepSeek has computer code that could send some user login information to China Mobile. The post Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US appeared first on SecurityWeek.

Read More Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US
News

5 Threats That Reshaped Web Security This Year [2025]
Bys s December 4, 2025

As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection techniques, and supply chain compromises affecting hundreds of thousands of websites forced a fundamental rethink of defensive strategies. Here are the five threats that reshaped web security this year,…

Read More 5 Threats That Reshaped Web Security This Year [2025]

Similar Posts