The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not contain any corresponding code changes. The maintainer later confirmed via social media that the…
Cybersecurity researchers have provided insight into a persistent threat cluster linked to the well-known North Korean state-sponsored hacker outfit Lazarus, according to a comprehensive analysis published in March by Sekoia’s Threat Detection an…
Security researchers at Lookout have identified four novel samples of DCHSpy, an advanced Android surveillanceware attributed to the Iranian threat actor group MuddyWater, believed to be affiliated with Iran’s Ministry of Intelligence and Securit…
Researchers uncovered an active Android malware cluster that ingeniously combines brand impersonation with traffic monetization tactics, targeting users across multiple regions. These malicious Android Package Kit (APK) files exploit social engineering…
A new wave of cyber-attacks has emerged, exploiting Windows shortcut files (.LNK) combined with legitimate system utilities collectively known as Living-off-the-Land Binaries and Scripts (LOLBin/S) to deliver the DeerStealer infostealer through highly …
A targeted attack against a U.S.-based certified public accounting firm was discovered in May 2025 by cybersecurity experts, according to a recent study described in eSentire’s Threat Response Unit (TRU) Positives report. The campaign leveraged a…
Kaspersky MDR analysts recently uncovered a sophisticated targeted attack by the Chinese-speaking cyberespionage group APT41 against government IT services in the African region, marking a notable escalation in the group’s activity on the contine…
Kaspersky MDR analysts recently uncovered a sophisticated targeted attack by the Chinese-speaking cyberespionage group APT41 against government IT services in the African region, marking a notable escalation in the group’s activity on the contine…
Iran-linked APT MuddyWater is deploying new DCHSpy spyware variants to target Android users amid the ongoing conflict with Israel. Lookout researchers observed Iran-linked APT MuddyWater (aka SeedWorm, TEMP.Zagros, and Static Kitten) is deploying a new version of the DCHSpy Android spyware in the context of the Israel-Iran conflict. The first MuddyWater campaign was observed in late 2017, when the APT group targeted entities in […]
Fake npm website used in phishing attack to steal maintainer token, leading to malware in popular JavaScript packages like eslint-config-prettier.