Lazarus Hackers Deploy Malicious NPM Packages on Software Developers Systems
In a detailed investigation by Socket security researchers, a new malicious npm package, "postcss-optimizer," has been linked to the notorious North Korean Advanced Persistent...
Government and Telecom Networks Under Attack as Hackers Exploit Exposed IIS, Apache, SQL Servers
A sophisticated cyber espionage campaign, designated as CL-STA-0048, has been uncovered, targeting critical organizations in South Asia, including a telecommunications entity.
Identified by Palo...
Lazarus APT Injects Malware into Trusted Packages to Gain Backdoor Access
A recent investigation by STRIKE, the cybersecurity division of SecurityScorecard, has uncovered a meticulously orchestrated cyber espionage campaign, dubbed "Operation Phantom Circuit," spearheaded by...
Cyber Threat Actors Exploit Gov Websites for Phishing Attacks
A recent intelligence report by Cofense highlights the exploitation of government (.gov) domains by phishing threat actors between November 2022 and November 2024.
These domains,...
Google Researchers Analyze Scatterbrain Malware Behind PoisonPlug Attacks
Since its initial observation in 2022, Google's Threat Intelligence Group (GTIG) has been meticulously tracking cyber espionage campaigns linked to China-nexus threat groups utilizing...
