Information Security News Blog

Diagram illustrating the jscrambler supply chain attack and IronWorm malware infection process 0

Jscrambler Supply Chain Attack Analysis

The Initial Compromise and Detection A stolen package registry key enabled a cybercriminal to execute a severe jscrambler supply chain attack. They successfully uploaded five infected versions of the npm package. These rogue versions...

Critical Joomla extension vulnerabilities diagram, iCagenda and Balbooa Forms exploit overview 0

Critical Joomla Extension Vulnerabilities Actively Exploited

Immediate Threat to Joomla Websites Two critical vulnerabilities in Joomla’s iCagenda and Balbooa Forms extensions face active exploitation. Furthermore, cybercriminals launched these attacks before developers could issue patches. Both flaws permit attackers to upload...

Debian 13.6 point release updates with UEFI Secure Boot and Linux kernel patches 0

Debian 13.6 Released: Crucial Security and UEFI Fixes

Predictability and Stability Refined A stable distribution is cherished above all for its unwavering predictability. Debian 13.6 reinforces this virtue beautifully. It introduces a substantial array of remedies for the Linux kernel, server software,...

IRIS C2 cybersecurity startup website logo alongside zero-day exploit hackers 0

IRIS C2 Cybersecurity Startup Secretly Run by Fraudsters

The IRIS C2 cybersecurity startup promises millions of dollars for undiscovered zero-day vulnerabilities. Furthermore, it offers mobile phone hacking tools directly to government agencies. However, two convicted political provocateurs orchestrate this high-profile venture. These...

Cavern Manticore modular framework and Iranian hackers C2 platform infiltrating Israeli IT infrastructure 0

Cavern Manticore Modular Framework Exposed

Iranian hackers have transformed ubiquitous system administration tools into clandestine pathways for infiltrating highly secure networks. The threat actor known as Cavern Manticore leverages a novel, modular framework dubbed “Cavern.” They orchestrate sophisticated cyberattacks...