Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.
Skip to main content
Nominations can be submitted for the 2025 CyberScoop 50 awards!
Click here!
Close
Socket researchers said the malware-ridden packages were collectively downloaded over 330 ti… [+3056 chars]
"Smishing" is a combination of "SMS" and "phishing," referring to deceptive tactics used to manipulate individuals into providing confidential info.
The FBI has issued a nationwide warning about a new wave of “smishing” attacks spreading across the United States.
Smishing texts are fraudulent messages sent via SMS (Short Message Service) or text… [+5542 chars]
Lazarus Group targets developers with malicious npm packages, stealing credentials, crypto, and installing backdoor. Stay alert to protect your projects.
The notorious Lazarus Group, a North Korean state-backed hacking group, is back at it again. This time, they’re sneaking malicious code into the popular npm software repository, a vital resource for … [+4459 chars]
"Vibe HN" presents Hacker News in a format resembling a newspaper or a collection of executive summaries, while also capturing the essence of the comments. It was created as a small side project to experiment with LLM APIs and to help me refine my news consum…
NewsCultureOpinionProductsScienceHealth
Feds Link $150M Cyberheist to 2022 LastPass Hacks
(krebsonsecurity.com | comments) The FBI has connected a substantial $150 million cyberheist to vulnerabili… [+10258 chars]
Trend Micro™ Managed XDR assisted in an investigation of a B2B BEC attack that unveiled an entangled mesh weaved by the threat actor with the help of a compromised server, ensnaring three business partners in a scheme that spanned for days. This article featu…
In the second phase, the threat actor has fully inserted themselves to separate the conversations between the two companies. It is important to note that there are about 4-6 recipients in this runnin… [+18328 chars]
The largest known financial heist in history has been perpetrated by a North Korean state-backed hacker group, according to experts.
The Pyongyang-backed Lazarus Group is believed by experts to have stolen $1.5billion from a cryptocurrency exchange.
By Jamin Anderson for RFA Korean 2025.02.27 -- The largest known financial heist … [+3838 chars]
<p>Thailand's cybersecurity landscape faces a crisis as attacks here are 70% higher than the global average, mainly phishing and banking scams, according to global cybersecurity firm Check Point Software Technologies.</p>
Thailand's cybersecurity landscape faces a crisis as attacks here are 70% higher than the global average, mainly phishing and banking scams, according to global cybersecurity firm Check Point Softwar… [+3105 chars]
Given the high volume of visitors to Walt Disney World Resort, millions of tourists may have unknowingly been targeted by a State-wide scam involving the toll roads. Disney World Guests at Risk: The SunPass Scam Exposed Scams are an unfortunate reality of mod…
Given the high volume of visitors to Walt Disney World Resort, millions of tourists may have unknowingly been targeted by a State-wide scam involving the toll roads.
Credit: Inside The Magic
Disney… [+4701 chars]
Scam calls and text messages are becoming increasingly common, especially with scammers coming up with novel ways to make users fall prey to such activities and confuse unsolicited messages with legitimate ones. An urgency is created to take action immediatel…
Scam calls and text messages are becoming increasingly common, especially with scammers coming up with novel ways to make users fall prey to such activities and confuse unsolicited messages with legi… [+2481 chars]
A new audit of DeepSeek's mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks.
The assessm…
A new audit of DeepSeek's mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, expos… [+3402 chars]
Find out how to spot the signs of a hacked computer and take immediate action to protect your data and regain control of your device.
Restoring a hacked computer to normal can be a time-consuming process, but it is generally doable.
getty
Hackers are a busy bunch, with more than 300 million computers hacked every year and there's… [+9182 chars]
The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests.
The AnyDesk requests claim to be for conducting an audit to asses…
The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests.
The … [+3543 chars]
The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware.
"The campaign begins with fake recruiters, pos…
The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to del… [+3073 chars]
Until Mark Zuckerberg faces a reckoning for his republic-destroying actions, there should be no amnesty for him.
Mark Zuckerberg announced on Tuesday that Meta is super-duper apologetic for censoring its political enemies for years on end. He promises to do better because his tech behemoth is actually a huge fa… [+5624 chars]
PETALING JAYA: As Malaysians are increasingly shopping online for everything from minor items to branded goods, including expensive gadgets or designer handbags, cybersecurity experts have warned of the risk of data breaches in the seemingly convenient practi…
PETALING JAYA: As Malaysians are increasingly shopping online for everything from minor items to branded goods, including expensive gadgets or designer handbags, cybersecurity experts have warned of … [+3432 chars]
The Chinese Winnti hacking group is using a new PHP backdoor named 'Glutton' in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. [...]
The Chinese Winnti hacking group is using a new PHP backdoor named 'Glutton' in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals.
Chinese security firm QA… [+3997 chars]
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. [...]
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems.
The malware is a multi-component set th… [+3341 chars]
ESET Research details the analysis of a previously unknown vulnerability in Mozilla products exploited in the wild and another previously unknown Microsoft Windows vulnerability, combined in a zero-click exploit.
ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught … [+28637 chars]
The company gave details for the first time on its approach to combatting organized criminal networks behind the devastating scams.
Since roughly 2020, when the earliest pig butchering scams started to emerge, more than 200,000 people have been trafficked and held in compoundsmost in Myanmar, Cambodia, or Laoswhere they are force… [+2262 chars]
While businesses and residents of these communities focus on recovery, cybercriminals see opportunity.
Morey Haber, Chief Security Advisor at BeyondTrust, is an identity and technical evangelist with over 25 years of IT industry experience.
getty
The 2024 hurricane season has tested the southeast of… [+5564 chars]
Modern-day hoax and scam calls use the Internet, meaning they aren’t delivered through a conventional telephone line or SIM card that can be physically traced.
A huge number of hoax calls crippled many flights last month. Internet-driven threats are not only difficult to trace, they also defy cross-border regulations, making matters geopolitically complicat… [+3040 chars]
The United States, UK, and Australian governments all took aim at ransomware gang Evil Corp as new connections emerge with LockBit.
International law enforcement efforts have intensified against Evil Corp, a Russia-based cybercrime syndicate allegedly responsible for widespread financial theft and ransomware attacks.
The U.S. De… [+3334 chars]
According to Winfuture, Russian ransomware groups have found a safe place in their home country, where they can act without fear of law action from ...
The post How Russian Ransomware Groups Like Evil Corp Are Working with the Kremlin appeared first on Gizchi…
According to Winfuture, Russian ransomware groups have found a safe place in their home country, where they can act without fear of law action from other states. This has made Russia a hub for cyberc… [+5613 chars]
Ransomware attacks have seen dramatic changes over the past few years. Once considered a mere nuisance, they now pose a potentially devastating threat to organizations of all sizes. Back in 2019, ransomware attacks were just ramping up, focusing on infecting …
Ransomware attacks have seen dramatic changes over the past few years. Once considered a mere nuisance, they now pose a potentially devastating threat to organizations of all sizes.
Back in 2019, ra… [+4799 chars]
A study from broker group TIA shows the industry struggling against freight fraud, but also offers carriers clues on how to win trust and business.
The "fraud apocalypse" continues to ravage the trucking industry, with brokers particularly feeling the pain and left explaining to their shipper customers just where their freight went and on whose … [+5773 chars]
