SecurityWeek

136 NPM Packages Delivering Infostealers Downloaded 100,000 Times

For the past four months, over 130 malicious NPM packages deploying information stealers have been collectively downloaded ...

PhantomRaven attack floods npm with credential-stealing packages

An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal ...
Cybernews

F5 breach exposes powerful backdoor exploited by China-linked hackers

A powerful and stealthy backdoor Brickstorm, linked to China, was used to maintain undetected access within F5 systems for at ...

ERPC、シカゴリージョンでSolana向けEPYC VPS性能アップデートを完了 ...

CPU・メモリ・ストレージの各層を最適化し、キャッシュ効率、メモリアクセス、ストレージI/O帯域を総合的に改善しました。これにより、キャッシュを多く活用するSolana系ワークロードで特に効果を発揮 ELSOUL LABO ...

NPM flooded with malicious packages downloaded more than 86,000 times

Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 ...
The Hacker News

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign

An attack campaign undertaken by a Vietnam-aligned hacking group known as OceanLotus (aka APT-Q-31) that delivers the Havoc post-exploitation framework in attacks targeting enterprises and government ...
The Hacker News

Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware

Neursite utilizes an embedded configuration to connect to the C2 server and uses TCP, SSL, HTTP and HTTPS protocols for ...
CSO Online

North Korean threat actors turn blockchains into malware delivery servers

EtherHiding’: Nation-state and cybercriminal groups are leveraging smart contracts as command-and-control servers for ...
CoinDeskOpinion

Crypto’s ‘Decentralized’ Illusion Shattered Again by Another AWS Meltdown

“The AWS outage once again reminds us that blockchain, and really, the internet itself, is only as decentralized as the ...