Tagged: cybersecurity

Poisoned Packages: A New Attack Hits the npm Ecosystem

Researchers at Socket have disclosed a new attack against the npm ecosystem, in which more than 40 packages were discovered to be laced with embedded malicious code. The compromise mechanism was meticulously engineered: it...

The Hidden Danger of Plain-Text Backup Codes

Huntress has published a detailed account of an incident in which attackers, having exploited a vulnerable SonicWall VPN, gained access to the management console and nearly stripped the organization of its defensive capabilities by...

The Silent Threat: How SEO Poisoning Spreads Malware

Chinese-language users became the target of a new SEO poisoning campaign that spread malware through counterfeit download sites for popular applications. Fortinet’s FortiGuard Labs reports that threat actors elevated malicious pages in Google results...