Notepad++ has released version 8.8.9 to remediate a weakness in its WinGUp (GUP.exe) update mechanism. Researchers and users had reported incidents in which the updater, instead of fetching a legitimate installer, downloaded and executed...
The financially motivated group Storm-0249, long known as a broker of initial access for ransomware operators, has markedly refined its tradecraft, triggering a new wave of alarm among cybersecurity professionals. Analysts at ReliaQuest have...
A ransomware attack has crippled the operations of several key Puerto Rican government agencies, yet officials have still not publicly acknowledged the incident. According to available information, beginning on 25 November, three major public...
At the end of November, a team of bug hunters uncovered an infection chain that began with a seemingly harmless GitHub repository. Masquerading as a Visual Studio Code project, it concealed VBScript files linked...
A new case of software supply-chain compromise has been uncovered on the crates.io platform: a malicious Rust package was silently infecting the workstations of Web3 developers, disguising itself as an auxiliary tool for the...
The Glassworm campaign targeting popular Visual Studio Code extensions has entered yet another phase — researchers are now documenting a third wave of malicious uploads to the OpenVSX repository and the Microsoft Visual Studio...
For the PostHog team, developers of an open-source analytics platform, the recent npm-based attack has become the most serious security incident in the project’s history. The root of the breach was a malicious release...
North Korea’s Contagious Interview malware campaign continues to escalate its pressure on the JavaScript-development ecosystem. Threat actors affiliated with DPRK hacking units are massively uploading malicious packages to the npm repository, disguising spyware distribution...
ReliaQuest specialists have uncovered more than forty fraudulent domains masquerading as Zendesk portals, attributing them to the cyber-criminal group known as Scattered Lapsus$ Hunters. These domains host phishing pages with counterfeit SSO forms and...
The escalating saga surrounding the Salesforce ecosystem data breach has taken a new turn after the group ShinyHunters publicly claimed responsibility for its role in the incident. The events, unfolding over several months, have...
The investigation into the corporate data breach affecting Salesforce customers continues to widen. The company is now examining how third-party Gainsight applications became the channel through which unauthorized parties gained access to client information....
A cyber incident at Almaviva, a key contractor for Italy’s national railway group FS Italiane, has resulted in a massive cache of internal documents appearing on the dark web. The scale of the leak...
