The Rise of Supply Chain Attacks: A Growing Concern for Businesses In 2021, the cybersecurity landscape was notably defined by a surge in supply chain attacks. These incidents occur when cybercriminals compromise third-party software components to infiltrate downstream applications. High-profile breaches such as those involving SolarWinds, Kaseya, and Codecov have…
Recent research has unveiled details of what is being referred to as the largest botnet discovered in the past six years, known as “Pink.” This sophisticated malware has reportedly infected over 1.6 million devices, predominantly located in China. Its primary objectives include orchestrating Distributed Denial-of-Service (DDoS) attacks and injecting ads…
A recent cyber threat known as GlassWorm has been detected, specifically targeting developers utilizing Visual Studio Code extensions via the OpenVSX marketplace. Koi Security unveiled this campaign, which leverages trusted extensions to automatically propagate across various development environments while employing stolen credentials to facilitate further infections. Distinct from typical malware…
Cybercrime, Fraud Management & Cybercrime Internet-Exposed Call Center Software Under Attack; Patch Tuesday Update Anviksha More (AnvikshaMore) • October 16, 2025 Image: Shutterstock/ISMG This week, the Information Security Media Group covers a range of cybersecurity incidents: Chinese hackers exploiting ArcGIS, vulnerabilities in internet-exposed call center software, and the latest Patch…
The challenge of safeguarding digital secrets in an increasingly interconnected world has become increasingly urgent. GitGuardian’s engineers faced a critical task while developing their HasMySecretLeaked service, designed to assist developers in determining whether confidential information—such as passwords, API keys, and cryptographic certificates—has been inadvertently exposed within public GitHub repositories. The…
Recent findings indicate that individuals around the globe could replicate a sensitive data collection operation, utilizing readily available satellite hardware. Researchers conducted an experiment employing standard satellite technology: a $185 satellite dish, a $140 roof mount, a $195 motor, and a $230 tuner card, all totaling under $800. This highlights…
The Lazarus Group, a prominent North Korean hacking organization, has recently launched a new campaign employing the Windows Update service to execute its malicious payload. This development reflects an ongoing expansion of the group’s utilization of living-off-the-land (LotL) techniques to achieve its objectives. Known by several aliases, including APT38 and…
The cybersecurity landscape is increasingly marked by a staggering disparity in the value of personal information on the dark web. In this context, Electronic Health Records (EHRs) command the highest price, selling for upwards of $1,000 each. This is significantly more than a credit card number, which averages around $5,…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Research Uncovers Vulnerability Allowing Data Exfiltration via Hidden Images Rashmi Ramesh (rashmiramesh_) • October 9, 2025 Image: PJ McDonnell/Shutterstock A recently resolved vulnerability within GitHub Copilot Chat has been identified, which could have permitted threat actors to extract source code…
