Over the past year, there have been a staggering 502 security incidents across major platforms, including 48 categorized as high-risk, leading to a combined total of 955 hours of significant and critical interruptions—equivalent to an astonishing 120 business days. These findings come from ‘The DevOps Threats Unwrapped’ report, compiled by…
Lazarus Group Strikes Again: Malicious Packages Discovered in npm Repository The notorious Lazarus Group, an advanced persistent threat (APT) linked to the North Korean government, has resurfaced with a new campaign, infiltrating the npm software repository—a vital resource for developers globally. Research from the Socket Research Team has revealed the…
Major Cyber Campaign Targets Nearly 1 Million Devices: A Review of the Multi-Stage Attack A comprehensive cyber campaign has recently come to light, targeting almost one million devices across a broad spectrum of individuals and organizations. This indiscriminate approach highlights a significant opportunistic strategy employed by the attackers, who aimed…
North Korea continues to be a formidable force in the realm of cybercrime, particularly targeting financial institutions and cryptocurrency platforms to sustain its military efforts, including nuclear and missile development programs. Recent analysis by security specialists from Nisos has uncovered a new tactic employed by North Korean hackers: using social…
Microsoft’s Copilot tool continues to access sensitive data despite the company’s efforts to restrict its use of removed resources from GitHub. A recent investigation by Lasso has uncovered that Microsoft’s attempts to limit access to a specialized Bing interface—which had previously been available at cc.bingj.com—have proven inadequate. Notably, while public…
Security Breach Exposes Sensitive Data at UnitedHealth Group and Highlights AI Vulnerabilities In what is now considered the largest medical data breach in U.S. history, UnitedHealth Group disclosed a ransomware attack on its subsidiary, Change Healthcare. The incident, which occurred in February 2024, compromised the personal and health information of…
Satya Nadella Highlights DeepSeek-R1 Model: Transforming AI Efficiency and Cost-Effectiveness Microsoft CEO Satya Nadella has underscored the transformative potential of AI, particularly through innovations like the DeepSeek-R1 model, which he asserts will significantly enhance efficiency, lower inference costs, and promote widespread AI adoption across various sectors. This announcement came during…
Hewlett Packard Enterprise (HPE) is currently investigating claims of a data breach allegedly perpetrated by the IntelBroker threat group. In a recent posting on a dark web forum, IntelBroker asserted that it had successfully infiltrated HPE’s network, acquiring sensitive information that they are now attempting to sell. According to reports,…
HPE Investigates Allegations of Data Breach by IntelBroker Hewlett Packard Enterprise (HPE) is currently examining claims made by the cybercriminal group known as IntelBroker, which has stated that it possesses stolen data and source code from the company. This announcement was made on a prominent cybercrime forum, where IntelBroker offered…
