“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown (The Hacker News)
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer “advanced license validation and registry optimization utilities for high-performance Node.js applications.” It was uploaded to npm by a user named “Kodane” on July 28, 2025. The…
-
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them (The Hacker News)
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them. The junk food problem in cybersecurity: Imagine a triathlete who spares no expense on equipment—carbon fiber bikes, hydrodynamic wetsuits, precision GPS…
-
News brief: Rise of AI exploits and the cost of shadow AI
Check out the latest security news from the Informa TechTarget team.
-
An explanation of encryption
Encryption converts data into code that is only decipherable with the right key. This can be used to protect sensitive information in messages, payments and records.
-
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks (The Hacker News)
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, which have been dubbed AK47HTTP and…
-
An explanation of purple teaming
Purple teaming unites offensive red teams and defensive blue teams to share knowledge, find vulnerabilities and strengthen security through structured frameworks and playbooks.
-
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies (The Hacker News)
The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow. “ApolloShadow has the capability to install a trusted root certificate…
-
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials (The Hacker News)
Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses. “Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the…
-
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto (The Hacker News)
The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. “Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their…
-
How to remove ransomware, step by step
Prevention is the best weapon against a ransomware infection. But in the event of compromise, consider these responses to contain and remove ransomware.
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova