Information Security News Blog
-
Attackers are compromising websites at scale and installing hidden tools on servers to maintain remote control. The campaign has hit numerous small and medium-sized organizations in Australia. However, the attacks extend well beyond any...
-
Malicious firmware can seize control of a device before Linux starts. It can remain nearly invisible to security software running at the OS level. Researchers at Binarly discovered six vulnerabilities in U-Boot. The open-source...
-
Corporate storage systems are rarely taken offline unless the risk is serious. Progress Software has asked customers to shut down their ShareFile Storage Zone Controller servers immediately. The request comes in response to a...
The Initial Compromise and Detection A stolen package registry key enabled a cybercriminal to execute a severe jscrambler supply chain attack. They successfully uploaded five infected versions of the npm package. These rogue versions...
Invisible Threats in Code Reviews A malicious pull request can bypass code reviews flawlessly. Days later, it compels an AI assistant to covertly exfiltrate project secrets. Attackers simply conceal instructions within an ordinary PNG...
Immediate Threat to Joomla Websites Two critical vulnerabilities in Joomla’s iCagenda and Balbooa Forms extensions face active exploitation. Furthermore, cybercriminals launched these attacks before developers could issue patches. Both flaws permit attackers to upload...
Predictability and Stability Refined A stable distribution is cherished above all for its unwavering predictability. Debian 13.6 reinforces this virtue beautifully. It introduces a substantial array of remedies for the Linux kernel, server software,...
Fraudsters have turned human trust into a global, multi-million-dollar industry. The latest coordinated strike against that industry is among the largest in recent years. Operation First Light 2026 brought together law enforcement from 97...
A ransomware negotiator is supposed to help victim organizations reduce what they pay. Angelo Martino did the opposite. He secretly told the attackers how much each client was willing to pay. He collected a...
The IRIS C2 cybersecurity startup promises millions of dollars for undiscovered zero-day vulnerabilities. Furthermore, it offers mobile phone hacking tools directly to government agencies. However, two convicted political provocateurs orchestrate this high-profile venture. These...
A single crafted network request can transform a Palo Alto Networks firewall from a security boundary into an entry point. A vulnerability in PAN-OS allows a remote, unauthenticated attacker to disrupt device operation and...
An ordinary cryptocurrency wallet library update quickly transformed into a devastating trap. Within just 49 minutes, this trap could hand attackers complete control over user funds. Specifically, malicious actors embedded a malicious code payload...
The US National Security Agency restored the name Tailored Access Operations (TAO) to its elite hacking unit. Furthermore, this decision forms part of an internal reorganization. This shift aims to accelerate missions against foreign...
Iranian hackers have transformed ubiquitous system administration tools into clandestine pathways for infiltrating highly secure networks. The threat actor known as Cavern Manticore leverages a novel, modular framework dubbed “Cavern.” They orchestrate sophisticated cyberattacks...
Sometimes a single opened email is all it takes to compromise a university network. Researchers at Proofpoint have uncovered a campaign they call UNK_MassTraction. A threat group believed to have ties to China was...