Cyber Attack

Malicious ESLint Package Let Attackers Steal Data And Inject Remote Code

Cybercriminals exploited typosquatting to deploy a malicious npm package, `@typescript_eslinter/eslint`, targeting developers seeking the legitimate TypeScript ESLint plugin, which was…

4 months ago

Hackers Target Android Users via WhatsApp to Steal Sensitive Data

Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by…

4 months ago

Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to the Pakistani group Storm-0156, which allows…

4 months ago

Deloitte Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data

Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte of sensitive data. Emerging in June…

4 months ago

Combat Ransomware-as-a-Service with Endpoint Protection

IT professionals are having trouble sleeping because of a recent addition to the dynamic field of cybersecurity known as ransomware-as-a-service,…

4 months ago

UK Healthcare Provider Hit by Cyberattack, Services Affected

Wirral University Teaching Hospital in the UK has been hit by a targeted cyberattack, leading to the declaration of a…

4 months ago

SMOKEDHAM Backdoor Mimic As Legitimate Tools Leveraging Google Drive & Dropbox

UNC2465, a financially motivated threat actor, leverages the SMOKEDHAM backdoor to gain initial access to target networks, which are often…

5 months ago

APT-C-60 Attacking HR Department With Weaponized Resumes

APT-C-60 launched a phishing attack in August 2024, targeting domestic organizations with malicious emails disguised as job applications. These emails,…

5 months ago

RomCom Hackers Exploits Windows & Firefox Zero-Day in Advanced Cyberattacks

In a new wave of cyberattacks, the Russia-aligned hacking group "RomCom" has been found exploiting critical zero-day vulnerabilities in Microsoft…

5 months ago

IBM Workload Scheduler Vulnerability Stores User Credentials in Plain Text

IBM has issued a security bulletin warning customers about a vulnerability in its Workload Scheduler software that allows user credentials…

5 months ago