A supply chain attack hit NPM, threat actors compromised 16 popular Gluestack packages, affecting 950K+ weekly downloads. Researchers from Aikido Security discovered a new supply chain attack targeted NPM, compromising 16 popular Gluestack ‘react-native-aria’ packages with over 950K weekly downloads.…
Category: EN
Germany Police Have ID’d the Leader of Trickbot Criminal Gang
Cops in Germany have found cybercrime gang leader The Federal Criminal Police of Journey “BKA” has claimed that Stern, the leader of TrickBot and Conti cybercrime gangs, is Vitaly Nikolaevich Kovalev, a 36-year-old Russian. According to BKA, he is suspected…
Enterprises are getting stuck in AI pilot hell, say Chatterbox Labs execs
Security, not model performance, is what’s stalling adoption Interview Before AI becomes commonplace in enterprises, corporate leaders have to commit to an ongoing security testing regime tuned to the nuances of AI models.… This article has been indexed from The…
From Quarterbacks to CxOs: Why We All Need a Coach
At one time, having a personal coach was just for top-tier athletes, but no longer. Whether you prefer the term “mentor” or “life coach,” there’s growth potential for us all to consider. The post From Quarterbacks to CxOs: Why We…
Security Affairs newsletter Round 527 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 48
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One Attacker exploits misconfigured AI tool to run AI-generated payload Crocodilus Mobile…
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. “Some of the phishing emails were sent…
Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: June 2025 Patch Tuesday forecast: Second time is the charm? Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. Google fixes…
Wireshark 4.4.7 Released, (Sun, Jun 8th)
Wireshark release 4.4.7 fixes 1 vulnerability (%%cve:2025-5601%%) and 8 bugs. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Wireshark 4.4.7 Released, (Sun, Jun 8th)
Extracting With pngdump.py, (Sun, Jun 8th)
Inspired by Xavier's diary entry “A PNG Image With an Embedded Gift”, I updated my pngdump.py program to enable the extraction of chunks and extra data (similar to my other analysis tools, like pngdump.py). This article has been indexed from…
From StackStorm to DeepTempo
And what does it tell us about Cybersecurity? As the founding CEO of StackStorm and now DeepTempo, I’ve seen how the needs of CISOs and SOCs have changed over the last 10+ years. New challenges and a better color scheme! When we…
Europe just launched DNS4EU, a public DNS resolver with privacy and security options
DNS is one of the cornerstones of the Internet. Put simply, it is designed to turn domain names, say ghacks.net, into IP addresses. This process is usually handled by the Internet service […] Thank you for being a Ghacks reader.…
Rust-Developed InfoStealer Extracts Sensitive Data from Chromium-Based Browsers
Browsers at risk The latest information-stealing malware, made in the Rust programming language, has surfaced as a major danger to users of Chromium-based browsers such as Microsoft Edge, Google Chrome, and others. Known as “RustStealer” by cybersecurity experts, this advanced…
Scalable Solutions for NHI Management
Is Your Organization Implementing Scalable Solutions for NHI Management? Is your business laying a solid groundwork for efficient Non-Human Identity (NHI) management? If not, you’re likely exposing your organization to unnecessary risks. Data leaks and breaches could be lurking around…
Boost Your Confidence with Strong NHI Management
Why Does NHI Management Matter? Imagine being able to boost your confidence, largely dependent on automated processes. What if there was a way to foster a sense of security about your organization’s data management, transparency, and regulatory compliance? In comes…
Driving Innovation through Secure NHIs
Are You Embracing Innovation Securely? The quest for innovation is always at the forefront. Our desire to push boundaries and create more efficient and dynamic solutions is a driving force for progress. However, amid all the technological advancements and breakthroughs,…
Empower Your Team with Robust NHI Protocols
How Crucial Are Robust NHI Protocols in Empowering Teams? These days, it’s a fair assumption that most businesses base a significant portion of their operations. The management of Non-Human Identities (NHIs) has become increasingly important. Although it’s a relatively new…
Trump administration takes aim at Biden and Obama cybersecurity rules
In a White House fact sheet, the administration claims that Biden’s Executive Order 14144 — signed days before the end of his presidency — was an attempt “to sneak problematic and distracting issues into cybersecurity policy.” This article has been…
Over 20 Malicious Apps on Google Play Target Users for Seed Phrases
Over 20 malicious apps on Google Play are stealing crypto seed phrases by posing as trusted wallets and exchanges, putting users’ funds at risk. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto…
The 2024 Red Hat Product Security Risk Report: CVEs, XZ Backdoor, SSCAs, AI…oh my!
Grab a large sweet tea or a cup of coffee and read the 2024 Product Security Risk Report from Red Hat Product Security. As someone striving to stay informed about the open source ecosystem and its security challenges, I found…