​Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems.… Read More »Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

​Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler malware… Read More »Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans

​As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web… Read More »When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider

​Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in… Read More »⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More

​Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been… Read More »ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

​Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate… Read More »Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

​WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently… Read More »WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

​Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution.  The flaws, per watchTowr Labs, are… Read More »Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

​An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including… Read More »Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

​Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts.… Read More »Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication