Polyfill.io Supply Chain Attack Compromises Over 110,000 Websites In a concerning development for e-commerce and web developers, Google has responded to a supply chain attack targeting the widely used Polyfill.io service. The attack follows the acquisition of the domain by a Chinese company, which has modified the JavaScript library "polyfill.js"…
Cyberattacks disrupting various businesses have become increasingly prevalent in today’s digital landscape, notably impacting fleet operations. These cyber threats compromise not just vehicle functionality and cargo but also safety, data integrity, and ultimately, the financial health of the organization. Acknowledging these challenges is the fundamental first step toward enhancing cybersecurity…
In a notable expansion of its operations, the banking trojan known as Mispadu has shifted its attention from its initial focus on Latin America to include targets in Italy, Poland, and Sweden. Initially identified in 2019, Mispadu has evolved into a significant threat, particularly against sectors including finance, law, motor…
As the browser becomes the dominant workspace in enterprises, it is increasingly exploited by cybercriminals as a key attack vector. Various threats ranging from account takeovers and phishing attacks to malicious browser extensions highlight the browser’s role in compromising sensitive data and breaching organizational systems. Security professionals tasked with developing…
Recent findings published in the Nokia Threat Intelligence Report reveal a troubling increase in vulnerabilities facing the global telecommunications industry, with a particular emphasis on North America. The incorporation of Generative AI (GenAI) and automated strategies by cybercriminals is significantly intensifying these threats, leading to heightened risks for telecom operators.…
North Korean Threat Actor Deploys New Golang-Based Backdoor Targeting South Korean Sectors Recent reports indicate that the North Korea-affiliated threat actor known as Andariel has introduced a new backdoor, identified as Dora RAT, into their cyberattack arsenal. This malware has been employed in attacks that primarily target educational institutions, manufacturing…
TikTok Confirms Security Breach Targeting High-Profile Accounts TikTok has recently acknowledged a significant security vulnerability that has allowed threat actors to take control of prominent accounts on its platform. This incident, which has raised serious concerns about user safety and data security, was initially reported by Semafor and Forbes, highlighting…
A significant cybersecurity incident is unfolding, with thousands of Linux servers across the globe falling prey to a sophisticated dropper malware. This concerning development involves the deployment of proxyjacking and cryptomining malware, indicating a dangerous shift in the tactics employed by cybercriminals. The primary targets of this attack include organizations…
Emerging Threats Highlighted in 2024 Attack Intelligence Report The "2024 Attack Intelligence Report" by Rapid7 delivers critical insights into the evolving landscape of cybersecurity threats. This comprehensive report outlines alarming trends regarding vulnerabilities exploited in the past year, particularly emphasizing the dominance of zero-day vulnerabilities. Of the more than thirty…
