Malicious npm Packages Discovered, Posing Serious Threat to Developers Security researchers have uncovered two npm packages that exceed their purported functionality, posing a significant threat to developers. Disguised as tools for system monitoring and data synchronization, these packages harbor destructive backdoors capable of remotely erasing all files within an application.…
Endpoint Security, Internet of Things Security Variant of Mirai Botnet Exploits DVR Command Injection Vulnerability, Impacting 50,000 Devices Anviksha More (AnvikshaMore) • June 9, 2025 Image: Ivan Kislitsin/Shutterstock A newly identified variant of the Mirai botnet is making headlines as it exploits a command injection vulnerability in internet-connected digital video…
By Xiumei Dong · June 9, 2025, 3:51 PM EDT In a troubling development for the legal sector, law firms have emerged as lucrative targets for cybercriminals, with incidents of data breaches reaching unprecedented levels in 2024. A recent analysis by Law360 Pulse highlights that despite extensive investments in cybersecurity…
A cybersecurity researcher recently identified a vulnerability that enabled the extraction of phone numbers associated with any Google account. This information is generally private and sensitive, as confirmed by both the researcher and independent testing by 404 Media. The vulnerability has since been addressed by Google. However, at the time…
A Chroma database managed by the Russian AI chatbot startup My Jedai has been found exposed online, resulting in a significant data leak that includes survey responses from over 500 Canva Creators. This compromised dataset features personal email addresses, feedback on Canva’s Creator Program, and insights into the experiences of…
Jackson Health System Reports Significant Insider Data Breach In a troubling development within the healthcare sector, Jackson Health System has revealed a new insider data breach that extends over a five-year period. This breach has raised concerns about the safeguarding of sensitive patient information, a critical aspect of healthcare organizations…
A recently reported cyberattack has seen a new type of malware, dubbed PathWiper, employed against vital services in Ukraine. The incident was analyzed by cybersecurity experts at Cisco Talos, who have shared their insights with the broader security community. Wiper malware, such as PathWiper, is specifically crafted to erase or…
Healthcare organizations generally recognize the importance of having a response plan in place for ransomware attacks, but the effectiveness of such plans often hinges on detailed preparation, according to Rick Doten, vice president and CISO of health plans at Centene Corp. In a recent interview, Doten emphasized that critical elements…
In a significant cybersecurity incident, researchers have identified what could be the largest single-source breach of Chinese personal data, with more than 4 billion user records exposed through an unsecured database. This incident raises alarms about potential invasions of privacy, surveillance, and the risk of data misuse, as the leaked…
