News

TamperedChef serves bad ads, with infostealers as the main course

Bys s January 16, 2026

Sophos X-Ops explores a malvertising campaign that leverages Google Ads to distribute an infostealer

Categories: Threat Research

Tags: TamperedChef, EvilAI, infostealer, Sophos X-Ops

News

Average Brit hit by five data breaches since 2004
Bys s July 25, 2025

For some perspective on the numbers affected by breaches over time, Emma Woollacott reports: Around seven British user accounts were breached every minute during the second quarter of 2025 – more than three million in total. While data breaches dropped globally by 58% from the previous quarter, the number rose from 70 million to 94…

Read More Average Brit hit by five data breaches since 2004
News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
Bys s February 25, 2026

Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings, as well as manipulates authorization rules to create persistent backdoors in victim applications.

Read More Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
News

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
Bys s April 15, 2025

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. “Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save money and, in…

Read More Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
News

Clop extortion emails claim theft of Oracle E-Business Suite data
Bys s October 2, 2025

Lawrence Abrams reports: Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems. According to Genevieve Stark, Head of Cybercrime and Information Operations Intelligence Analysis at GTIG, the campaign began in late September. “This activity began on……

Read More Clop extortion emails claim theft of Oracle E-Business Suite data
News

UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
Bys s January 25, 2025

Paige Minemyer reports: Change Healthcare now estimates that 190 million people were impacted in the massive cyberattack that took down its services nearly a year ago. UnitedHealth Group, Change’s parent company, said in a statement to Fierce Healthcare that the “vast majority” of people impacted have received an individual or substitute notice about the breach….

Read More UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack
News

New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
Bys s April 29, 2025

Various generative artificial intelligence (GenAI) services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content. The first of the two techniques, codenamed Inception, instructs an AI tool to imagine a fictitious scenario, which can then be adapted into a second scenario within the first…

Read More New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems

Similar Posts