More results...
Cybersecurity researchers have uncovered a large-scale attack targeting the npm ecosystem, compromising 16 popular React Native packages with a combined download count exceeding one million per week. The attack, detected on June 6th, 2025, represents a…
Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. …
In the rapidly shifting digital world, cybersecurity professionals are constantly seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation. Enter Kali GPT—a groundbreaking AI assistant tailo…
A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat (APT) group known as Kimsuky. Between March and April …
A financially motivated group of hackers known as UNC6040 is using a simple but effective tactic to breach…
A newly identified social engineering attack dubbed “ClickFix” has emerged as a significant threat, leveraging meticulously crafted fake Cloudflare verification pages to trick users into executing malicious code on their devices. This phish…
A newly identified wave of cyberattacks by the notorious Scattered Spider hacking group has zeroed in on help-desk administrators at major technology companies, leveraging advanced social engineering techniques to breach corporate defenses. Known for t…
iVerify’s NICKNAME discovery reveals a zero-click iMessage flaw exploited in targeted attacks on US & EU high-value individuals…
The widespread text-sharing website Paste.ee has been used as a weapon by bad actors to spread powerful malware strains like XWorm and AsyncRAT, which is a worrying trend for cybersecurity professional. This tactic represents a significant shift in phi…
ESET researchers have uncovered the persistent activities of BladedFeline, an Iranian-aligned Advanced Persistent Threat (APT) group, which has maintained covert access to the networks of Kurdish and Iraqi government officials for nearly eight years. F…