TrapDoor Campaign: Detecting Cross-Ecosystem Supply Chain Attacks
The TrapDoor campaign targets npm, PyPI, and Crates.io with over 384 malicious versions designed to exfiltrate developer credentials and sensitive data.
Laravel Lang Hijack: Supply Chain Attack via Malicious GitHub Tags
Analysis of the Laravel Lang supply chain attack involving malicious GitHub tags v13.8.1 and v13.8.2 used to steal environmental secrets and credentials.
Canadian Man Arrested for Kimwolf Botnet Operations
Jacob Butler faces US extradition for operating the Kimwolf botnet. Analysis of the arrest, botnet infrastructure, and its role in the initial access market.

GitHub Actions Supply Chain Attack: actions-cool/issues-helper
Analysis of the actions-cool/issues-helper supply chain attack where tags were redirected to steal credentials. Learn how to detect and mitigate this threat.
JDownloader Site Compromise: Python RAT Distribution Analysis
Attackers compromised JDownloader's site to distribute malicious installers containing a Python-based RAT. Learn how to detect and mitigate this threat.

Microsoft Edge Plaintext Password Exposure and ICS Zero-Day Risks
Analysis of Microsoft Edge plaintext password storage risks, newly disclosed ICS zero-day vulnerabilities, and Telegram-based data exfiltration TTPs.
AitM Phishing Attacks Target US Organizations with Conduct Reports
Microsoft warns of a sophisticated AitM phishing campaign using fake conduct reports to bypass MFA and hijack Microsoft 365 user sessions.

Credential Theft: Microsoft Details Phishing Campaign Targeting 35k Users
Microsoft warns of a global phishing campaign targeting 35,000 users with code-of-conduct lures to steal authentication tokens across 13,000 organizations.
US Security Experts Sentenced in REvil Ransomware Conspiracy
Two US security professionals were sentenced to prison for selling corporate credentials to the REvil ransomware gang, highlighting insider threat risks.

New DEEP#DOOR Python Backdoor Targets Cloud and Browser Credentials
DEEP#DOOR is a stealthy Python-based backdoor framework using tunneling services for persistent C2 and credential harvesting from cloud and browser data.
Official SAP npm Packages Compromised in TeamPCP Supply Chain Attack
Attackers compromised official SAP npm packages to exfiltrate developer credentials and tokens. Learn how to detect and remediate this supply chain threat.

SAP npm Packages Compromised by “Mini Shai-Hulud” Malware
The Mini Shai-Hulud campaign targets SAP cloud application developers with credential-stealing npm packages. Learn how to detect and mitigate this threat.