A recent surge in malicious email campaigns has been traced back to a North Korean state-sponsored group known for its history of cryptocurrency heists. This latest wave of activity, identified as a significant shift in tactics, involves aggressive credential harvesting targeting multiple sectors including education, government, and healthcare, in addition…
Identity & Access Management, Security Operations Salesloft Reports GitHub Repository Compromised by Cyber Attackers Greg Sirico • September 8, 2025 Image: Shutterstock Salesloft has confirmed that hackers gained unauthorized access to its GitHub repository, leading to a significant breach affecting several companies, including cybersecurity firms Tenable and Qualys. This incident…
Hackers have executed a significant supply-chain attack by embedding malicious code into a variety of open-source software packages, impacting more than 2 billion weekly updates. This incident, which has been characterized as possibly the largest of its kind to date, compromised nearly two dozen packages hosted on the npm repository,…
In a disturbing development for cybersecurity, a campaign attributed to unidentified threat actors has emerged, focusing primarily on organizations in Japan since January 2025. This malicious initiative exploits a vulnerability known as CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation on Windows systems, as reported by Cisco…
Cybersecurity experts from Silent Push have exposed a complex Chinese espionage initiative that intertwines two notable threat actors: Salt Typhoon and UNC4841. This investigation has unveiled a previously hidden network of malicious infrastructure aimed at infiltrating government and corporate networks across more than 80 countries. The analysis identified 45 malicious…
Recent findings by cybersecurity experts have unveiled a significant vulnerability within the Amazon EC2 Simple Systems Manager (SSM) Agent, a flaw that has since been patched. Should it have been exploited by malicious actors, the vulnerability could have led to unauthorized privilege escalation and code execution on affected systems. The…
Recent findings have established a connection between the politically driven hacktivist group known as Moses Staff and a newly emerging threat actor referred to as Abraham’s Ax, which appeared on the cybersecurity radar in November 2022. This assessment is grounded in shared elements in iconography, video content, and leak sites…
A significant cybersecurity incident surfaced today involving the brief compromise of at least 18 popular JavaScript code packages, which collectively receive over two billion downloads weekly. The breach occurred after a developer, engaged in maintaining these projects, fell victim to a phishing attack. While the immediate threat was contained—focused on…
A recent leak comprising over 100,000 documents reveals that a relatively obscure Chinese firm, Geedge Networks, has been surreptitiously marketing censorship systems similar to the Great Firewall to governments globally. Founded in 2018 and backed by key figures involved in China’s censorship framework, Geedge promotes itself as a network-monitoring service…
