Information Security News Blog

T3MP3ST vulnerability framework architecture and autonomous AI agent workflow 0

The T3MP3ST Vulnerability Framework

Until recently, discovering software vulnerabilities was a highly specialized task. It often demanded months of painstaking manual labor. However, a novel framework demonstrates a paradigm shift. Standard AI coding assistants now increasingly perform this...

PolinRider North Korea supply chain attack targeting npm, Go modules, and Chrome extensions 0

PolinRider Supply Chain Attack Spans npm, Go, Chrome

PolinRider is no longer a story about a handful of malicious npm packages. Researchers at Socket uncovered 162 malicious release artifacts spread across 108 packages and browser extensions. The campaign now reaches multiple open-source...

Mustang Panda Zoho WorkDrive malware attack targeting India energy sector 0

Mustang Panda Exploits Zoho WorkDrive in Cyber Espionage

An innocuous cloud-based file collaboration platform recently became the conduit for a sophisticated espionage operation. The notorious Chinese threat actor, Mustang Panda, orchestrated targeted attacks against Indian government agencies and the energy sector, exploiting...

FortiBleed malware campaign analysis showing FortiGate firewall compromises by INC Ransom 0

FortiBleed Malware Campaign Linked to INC Ransom

Recent revelations have surfaced regarding the notorious FortiBleed malicious operation. Researchers have definitively linked this campaign to more than mere credential harvesting. Instead, they attribute it directly to the Lynx/INC ransomware syndicate. Security experts...