Mar 24, 2025Ravie LakshmananMalware / Ransomware
A ransomware-as-a-service (RaaS) operation called VanHelsing has already claimed three victims since it launched on March 7, 2025.
"The...
Mar 24, 2025Ravie LakshmananPassword Security / Compliance
If given the choice, most users are likely to favor a seamless experience over complex security measures,...
Mar 24, 2025Ravie LakshmananMalware / Encryption
Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to...
Mar 24, 2025Ravie LakshmananWeekly Recap / Hacking
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started...
Mar 24, 2025Ravie LakshmananVulnerability / Web Security
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited...
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into...
Mar 22, 2025Ravie LakshmananFinancial Security / Cryptocurrency
The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, a cryptocurrency mixer service...
Mar 21, 2025Ravie LakshmananThreat Hunting / Vulnerability
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities...
Mar 21, 2025Ravie LakshmananRansomware / BYOVD
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER...
