‘Revival Hijack’ on PyPI Disguises Malware with Legitimate File Names
Adversaries reusing abandoned package names sneak malware into organizations in a sort of software shell game. Adversaries reusing abandoned package…
FBI: North Korean Actors Readying Aggressive Cyberattack Wave
Sophisticated social engineering is expected to accompany threat campaigns that are highly targeted and aimed at stealing crypto and deploying…
North Korean Hackers Targets Job Seekers with Fake FreeConference App
North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part…
Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch
Google has released its monthly security updates for the Android operating system to address a known security flaw that it…
How CISOs Can Effectively Communicate Cyber-Risk
A proximity resilience graph offers a more accurate representation of risk than heat maps and risk registers, and allows CISOs…
CEO’s Arrest Will Likely Not Dampen Cybercriminal Interest in Telegram
In recent years, the platform has become a go-to tool for executing almost all conceivable cybercriminal activity. In recent years,…
Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in…
Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers
Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions…
The New Effective Way to Prevent Account Takeovers
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite…
Security Researcher Sued for Disproving Government Statements
This story seems straightforward. A city is the victim of a ransomware attack. They repeatedly lie to the media about…
