sctocs

Weaponized ScreenConnect Delivers Xworm RAT

In a recent Advanced Continual Threat Hunt (ACTH) operation, Trustwave’s SpiderLabs uncovered a stealthy campaign where cybercriminals weaponized ScreenConnect, a legitimate remote management tool, to deliver the Xworm Remote Access Trojan (RAT) through a layered infection chain. By using fake AI-related content and tampered digital certificates, the attackers managed to bypass many Endpoint Detection and […]

VS Code Flaw Lets Attackers Republish Deleted Extensions

Cybersecurity experts have uncovered a loophole in the Visual Studio Code (VS Code) Marketplace that allows attackers to reuse the names of extensions that were previously removed. The discovery was made by ReversingLabs, a software supply chain security company, after identifying a malicious extension named “ahbanC.shiba”. This extension behaved similarly to two earlier extensions –

Hidden Flaws in Project Tools and How FluentPro Backup Provides the Fix

Every day, countless businesses and project managers rely on platforms like Trello, Asana, Monday.com, and others to manage tasks and collaborate. But what happens when these trusted tools fail? According to a Statista report, the global average cost of a data breach is around $4.88 million. In 2024, the private data of over 15 million

NX Build Tool Hacked to Steal Wallets and Secrets

A new supply-chain attack has compromised the widely used NX build tool, impacting more than 1,400 developers. Security researchers discovered that a malicious post-install script was added, which silently created a GitHub repository named s1ngularity-repository in affected users’ accounts. Inside this repository, attackers stored a base64-encoded dump containing highly sensitive information, including wallet files, API

CISA Guide to Hunt and Defend Against Chinese Hackers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the NSA, FBI, and several international partners, has released a major cybersecurity advisory exposing a global espionage campaign conducted by state-sponsored hackers from the People’s Republic of China (PRC). These operations are targeting critical infrastructure networks around the world. The 37-page document, “Countering Chinese

Kea DHCP Vulnerability Enables Remote Crash Attack

A newly revealed security flaw in the ISC Kea DHCP server has raised serious concerns for organizations worldwide. Tracked as CVE-2025-40779, this vulnerability allows remote attackers to crash DHCPv4 services using a single specially crafted unicast packet, leading to potential large-scale network disruptions. Key Points Technical Details The flaw arises from an assertion failure in

CISA Issues Warning on Citrix NetScaler Zero-Day RCE Exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an urgent advisory about a newly discovered zero-day flaw in Citrix NetScaler appliances. The issue, tracked as CVE-2025-7775, is a memory overflow vulnerability that enables remote code execution (RCE). Reports confirm that threat actors are already exploiting this weakness, which led to its immediate addition

New Malware Exploits TASPEN to Target Indonesian Senior Citizens

A new and highly coordinated malware campaign has surfaced in Indonesia, specifically preying on senior citizens who depend on the nation’s official pension system. The attackers are exploiting the credibility of PT Dana Tabungan dan Asuransi Pegawai Negeri (TASPEN), the state-owned pension fund that manages more than $15.9 billion in assets for millions of retired

Underground Ransomware Gang Reveals New Global Attack Tactics

Over the past year, the Underground ransomware group has risen as a major threat to organizations worldwide, spanning multiple industries and countries. Initially spotted in July 2023, the gang reappeared in May 2024 with a Dedicated Leak Site (DLS), signaling a shift toward more advanced and strategic operations. Their attacks now reach from the United

Malicious Nx Packages in ‘s1ngularity’ Attack Leak 2,349 GitHub, Cloud, and AI Credentials

The maintainers of the Nx build system have warned users about a supply chain attack that allowed cybercriminals to release malicious versions of the popular npm package along with supporting plugins, designed to steal sensitive information. According to the advisory published on Wednesday, “Malicious versions of the Nx package, and certain auxiliary plugins, were uploaded
