#supply-chain-malware
#supply-chain-malware

Privacy professionals

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

DevOps

The Security Metric That's Failing You

fromComputerWeekly.com

BT has now blocked over a billion clicks to malicious websites, says NCSC | Computer Weekly

BT and EE have blocked over a billion clicks to malicious websites using intelligence from the UK's National Cyber Security Centre.

Crime crew impersonates help desk, abuses Teams chats

A new threat group uses social engineering and custom malware to steal data through Microsoft Teams and phishing tactics.

Careers

fromEntrepreneur

How to Know Where Your Security Threat Is Before It's Too Late

Organizations winning the security talent war operationalize key questions to prevent knowledge loss and enhance cybersecurity resilience.

Germany news

fromThe Local Germany

11 hours ago

Germany blames Russia for Signal phishing attacks on MPs

Germany blames Russia for phishing attacks targeting lawmakers and officials via the Signal messaging app.

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

A Chinese national impersonated U.S. researchers to obtain sensitive information from NASA and other entities, violating export control laws.

DevOps

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.

fromComputerWeekly.com

BT has now blocked over a billion clicks to malicious websites, says NCSC | Computer Weekly

BT and EE have blocked over a billion clicks to malicious websites using intelligence from the UK's National Cyber Security Centre.

Crime crew impersonates help desk, abuses Teams chats

A new threat group uses social engineering and custom malware to steal data through Microsoft Teams and phishing tactics.

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

A ransomware negotiator conspired with hackers, betraying clients and facilitating attacks against multiple companies.

Healthcare

fromNextgov.com

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.

Law

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.

fromTechCrunch

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Information security

Third US Security Expert Admits Helping Ransomware Gang

fromFuturism

2 hours ago

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

A ransomware negotiator conspired with hackers, betraying clients and facilitating attacks against multiple companies.

Healthcare

fromNextgov.com

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.

Law

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.

fromTechCrunch

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Information security

Third US Security Expert Admits Helping Ransomware Gang

more#ransomware

Privacy technologies

fromThe Local Germany

7 hours ago

As phishing attacks hit Germany - how secure is Signal messenging app?

Signal, a secure messaging app, faces phishing attacks linked to Russian groups, raising concerns about its security despite its end-to-end encryption.

DevOps

2 years ago

What is Cloud Security? Fundamental Guide

Cloud security requires specialized processes and technologies to protect assets and data from evolving threats in a dynamic environment.

Business intelligence

How Physical Security Data Is Supporting Public Safety Challenges

Physical security data is primarily used for officer safety, situational awareness, and responding to public safety emergencies.

Deliverability

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.

Artificial intelligence

fromWIRED

fromwww.independent.co.uk

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.

UK politics

Iran, Russia and China behind most major cyberattacks on UK, security chief warns

The Independent provides critical journalism on key issues without paywalls, emphasizing the importance of accessible reporting.

Fundraising

fromIndependent

Company has more than 2m stolen from account following cyber attack

Future Energy Capital Limited lost over €2m due to a cyber attack last October.

fromIT Brew

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.

ShinyHunters claim they have cruise giant Carnival's booty

Carnival Corporation faces a significant data breach involving 7.5 million email addresses linked to its Mariner Society loyalty program.

#malware

Information security

Researchers Uncover Pre-Stuxnet 'fast16' Malware Targeting Engineering Software

Information security

Researchers find sabotage malware that may predate Stuxnet

Information security

CISA, NCSC issue Firestarter backdoor warning

Information security

Fake Google Antigravity Installer Can Steal Accounts in Minutes

Malicious pgserve, automagik developer tools found in npm registry

Malicious npm packages aim to steal sensitive data and credentials, potentially leading to complete organizational takeovers.

1 week ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

Researchers Uncover Pre-Stuxnet 'fast16' Malware Targeting Engineering Software

A new Lua-based malware, fast16, predates Stuxnet and targets high-precision calculation software for cyber sabotage.

Researchers find sabotage malware that may predate Stuxnet

Malware named fast16 aims to sabotage engineering and physics simulation software, predating Stuxnet and targeting high-precision tools.

CISA, NCSC issue Firestarter backdoor warning

Firestarter malware targets a US federal agency, maintaining persistent access to compromised devices, posing risks to government and critical infrastructure.

Fake Google Antigravity Installer Can Steal Accounts in Minutes

A fake Google Antigravity download exposes user accounts to compromise by delivering malware alongside the legitimate application.

Malicious pgserve, automagik developer tools found in npm registry

Malicious npm packages aim to steal sensitive data and credentials, potentially leading to complete organizational takeovers.

1 week ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

more#malware

fromArs Technica

Why are top university websites serving porn? It comes down to shoddy housekeeping.

Universities often neglect DNS record maintenance, leading to hijacked subdomains that can appear in search results.

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.

Lovable under fire over data breach

Lovable faced criticism for a vulnerability that exposed users' sensitive data, including source code and chat history, due to insufficient access controls.

fromArs Technica

Now, even ransomware is using post-quantum cryptography

Kyber's use of PQC key-exchange algorithms serves more as a marketing tactic than a practical security measure against imminent quantum threats.

Artificial intelligence

Context Hub vulnerable to supply chain attacks, says tester

Using non-authoritative information sources in AI tools can lead to significant risks and predictable consequences.

Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

Agentic AI is transforming cybersecurity, presenting both opportunities for defenders and risks for attackers, necessitating a strategic response from the industry.

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

A high-severity SSRF vulnerability in LMDeploy is actively exploited, allowing attackers to access sensitive data and internal networks.

DevOps

Documentation can contain malicious instructions for agents

Context Hub may enhance API usage but poses risks of software supply chain attacks through unverified documentation.

Remote Desktop security beefed up with hard-to-read messages

Microsoft's Remote Desktop update has a bug preventing security warnings from displaying correctly for some users.

Artificial intelligence

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package was compromised, enabling credential theft through a malicious payload targeting various cloud services and GitHub repositories.

Information security

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package was compromised, enabling credential theft through a malicious payload targeting various cloud services and GitHub repositories.

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI was compromised in the Checkmarx supply chain campaign, with malicious code stealing sensitive data from users.

more#bitwarden

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.

Information security

US Federal Agency's Cisco Firewall Infected With 'Firestarter' Backdoor

A US federal agency was infected with malware due to vulnerabilities in Cisco firewalls linked to a China-backed espionage campaign.

#ai

Information security

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

Information security

Microsoft is using Mythos to detect vulnerabilities

from24/7 Wall St.

Information security

5 Cybersecurity Stocks Most Likely to Benefit as AI Threats Drive Budget Increases in 2026

AI surpasses most humans in finding software flaws, prompting a defensive coalition to enhance cybersecurity.

fromFast Company

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

Microsoft is using Mythos to detect vulnerabilities

Microsoft integrates AI into cybersecurity to enhance vulnerability detection and prevention during software development.

from24/7 Wall St.

5 Cybersecurity Stocks Most Likely to Benefit as AI Threats Drive Budget Increases in 2026

AI surpasses most humans in finding software flaws, prompting a defensive coalition to enhance cybersecurity.

fromFast Company

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.

more#ai

Vulnerabilities Patched in CrowdStrike, Tenable Products

CrowdStrike published an advisory for CVE-2026-40050, a critical unauthenticated path traversal vulnerability affecting its LogScale product. The flaw can allow a remote attacker to read arbitrary files from the server filesystem.

Information security

Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data

SBOMs and VEX statements fail to enhance software supply chain security due to poor decision-making and inconsistent interpretation of available data.

Attackers could disable all of a city's public EV chargers

Rented IoT infrastructure prioritizes user convenience over security, exposing them to denial of service attacks and vulnerabilities.

Security Leaders Discuss the Claude Mythos Breach

Security leaders emphasize the urgent need for AI-enabled cybersecurity measures in response to the Claude Mythos breach.

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.

Another npm supply chain worm hits dev environments

A new npm supply-chain attack targets developer workflows, compromising multiple packages and stealing sensitive data, with similarities to previous CanisterWorm infections.

fromSitePoint Forums | Web Development & Design Community

Why Your OpenClaw Setup is a "Malicious Insider" in Waiting

OpenClaw's capabilities pose significant security risks, revealing vulnerabilities that can be exploited by malicious insiders.

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.

fromComputerWeekly.com

Interview: Critical local infrastructure is missing link in UK cyber resilience | Computer Weekly

Local infrastructure in the UK is vulnerable to cyber attacks, risking severe disruption to essential services and public safety.

Mirai Botnet Targets Flaw in Discontinued D-Link Routers

A Mirai botnet exploits a command injection vulnerability in discontinued D-Link routers, posing risks to connected devices.

Oracle Patches 450 Vulnerabilities With April 2026 CPU

Oracle released 481 new security patches in April 2026, addressing vulnerabilities across 28 product families, with many remotely exploitable without authentication.

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity's vulnerabilities have attracted both security researchers and cybercriminals, leading to risks of remote code execution and malware delivery.

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters have serious vulnerabilities that can expose critical systems to remote attacks.

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters have serious vulnerabilities that can expose critical systems to remote attacks.

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.

Security Leaders Discuss the Vercel Breach

The Vercel data breach highlights the risks of targeted account takeovers and the importance of effective communication during security incidents.

Adaptavist Group breach: Ransomware crew claims mega-haul

Adaptavist Group is investigating a security breach involving stolen credentials, while a ransomware group claims to have accessed extensive data.

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

Many internet-facing Perforce P4 servers are misconfigured, exposing sensitive information and allowing unauthorized access.

Top 3 Cyber Insurance Incident Claims

Cyber incidents are increasing claims in the insurance industry despite decreasing premiums, indicating a more active risk environment.

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.

Information security

1 week ago

'By Design' Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.

2 weeks ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

3 weeks ago

Mercor Hit by LiteLLM Supply Chain Attack

We believe that the compromise originated from the Trivy dependency used in our CI/CD security scanning workflow. Our security team moved promptly to contain and remediate the incident.

Information security

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

Threat Actors Target the Entire Retail Supply Chain

Threat actors exploit shared supply chain vulnerabilities between wholesalers and retailers, with over 70% of retailers and 60% of wholesalers having exposed credentials, enabling widespread initial access.

2 months ago

Supply chain breaches fuel cybercrime cycle, report says

Cybercriminals are industrializing supply chain attacks into a self-reinforcing ecosystem combining package compromise, credential theft, identity attacks, and ransomware.

2 months ago

Why cyberattacks don't require advanced hacking

Poor cyber hygiene, weak identity security, overdue IT maintenance, and incomplete logging make organizations vulnerable to financially motivated attacks such as ransomware and email fraud.

Threat intelligence supply chain is full of weak links

China's ban on foreign security software threatens the global threat intelligence ecosystem by risking data fragmentation and weakening international cybersecurity collaboration.