A new activity from Webworm, a China-aligned advanced persistent threat (APT) group, revealing a significant evolution in its cyber espionage toolkit during 2025. The group, first publicly documented in 2022, has shifted its targeting from primarily Asian organizations to government…
Category: EN
GraphWorm Malware Uses Microsoft OneDrive as Command-and-Control Infrastructure
A well-known China-aligned threat group has quietly evolved its attack methods, and its latest toolset reveals just how far it is willing to go to stay hidden. A backdoor called GraphWorm has surfaced as part of this group’s growing arsenal,…
Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack
A compromised maintainer account was used to publish malicious package versions across the @antv namespace. The post Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Novata uses AI to map risk across portfolios and supply chains
Novata has announced the launch of Risk Atlas, a new AI-powered risk monitoring tool designed to help organizations identify, compare, and prioritize risks across portfolios and supply chains. Framework for comparative risk visibility Risk Atlas provides a single, customizable framework…
ArmorCode gives security teams AI workers for exposure and remediation
ArmorCode has announced Anya Agents, a new agentic AI framework delivered on the patented ArmorCode Agentic AI Platform that enables organizations to operationalize AI-driven security workflows at enterprise scale. Built on ArmorCode’s Context Risk Graph, Anya Agents help security teams…
FBI: $388 million lost in crypto ATM scams in 2026
Americans lost more than $388 million to crypto kiosk scams in 2025, with the FBI warning that criminals are increasingly directing victims to transfer funds through these machines. Cryptocurrency kiosks, popularly known as Bitcoin ATMs, are physical automated teller machines…
China-Linked Webworm APT Evolves Tactics, Expands to European Targets
China-linked Webworm APT expands beyond Asia, targeting European government organizations and refining its cyber espionage tactics, according to ESET research This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Webworm APT Evolves Tactics, Expands to European Targets
Fake Tax Assessment Pages Spread Windows Malware
Hackers are actively targeting Windows users with fake Indian Income Tax assessment pages in a campaign tracked as TAX#TRIDENT. The campaign begins with fraudulent tax assessment or penalty pages designed to create urgency. Victims are prompted to download what appears…
Caught Off Guard: Securing AI After It Hits Production
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode. The post Caught Off Guard: Securing AI After It Hits Production appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Trust3 AI focuses on AI agent risks with MCP Security layer
Trust3 AI has announced the launch of Model Context Protocol (MCP) Security, establishing a new standard for safeguarding enterprise agentic AI workloads. This solution forms a key capability within Trust3 AI’s enterprise agent control plane, empowering security and governance teams…
TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800…
Typosquatting Is No Longer a User Problem. It’s a Supply Chain Problem
AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here’s why your current stack can’t see them, and what detection actually requires. Download the CISO Expert Guide to Typosquatting in the AI Era →…
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories This article has been indexed from www.infosecurity-magazine.com Read the original article: GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
This Is a Hold-Up: Financial Services Under Attack
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: This Is a Hold-Up: Financial Services Under Attack
Certes Research Warns Legacy Systems Are Biggest Barrier to Quantum Security Readiness
Certes has released new research showing that many organizations remain unprepared for the security risks posed by quantum computing, despite growing awareness of the threat. According to the company’s Emerging PQC Imperative report, 78% of organizations believe legacy systems represent…
GitHub says internal repos exfiltrated after poisoned VS Code extension attack
Initial assessment says customer data spared while users wonder what else may have slipped out This article has been indexed from www.theregister.com – Articles Read the original article: GitHub says internal repos exfiltrated after poisoned VS Code extension attack
Real-World ICS Security Tales From the Trenches
SecurityWeek spoke with several ICS security experts and companies about their most memorable experiences in the field. The post Real-World ICS Security Tales From the Trenches appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Tracking TamperedChef Clusters via Certificate and Code Reuse
Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets. The post Tracking TamperedChef Clusters via Certificate and Code Reuse appeared first on Unit 42. This article has been indexed from…
Microsoft Set To Bring Biggest India Data Centre Online
Microsoft reportedly plans to begin operating its biggest data centre in India in mid-2026, amid pressure to show payoff on AI spending This article has been indexed from Silicon UK Read the original article: Microsoft Set To Bring Biggest India…
New NGINX Vulnerability Allow Remote Attackers to Trigger Malicious Code
A new vulnerability in NGINX JavaScript (njs), tracked as CVE‑2026‑8711, allows unauthenticated remote attackers to trigger a heap‑based buffer overflow that can lead to denial‑of‑service and, in some conditions, remote code execution in the NGINX worker process. The flaw is…