A new supply chain attack, Sandworm_Mode, has hit the NPM registry, weaponizing AI coding assistants and typosquatting to steal credentials and propagate through open-source projects. Developers are urged to audit dependencies and rotate secrets immediately.
A surge in business email compromise attacks is exploiting hijacked conversations and lookalike domains to commit financial fraud. Learn how these tactics work—and how to fight back.
A new Mac malware campaign, Matryoshka, uses clever social engineering and fileless execution to steal passwords and crypto wallets—without leaving a trace on disk. Learn how it works and how to stay safe.
A sophisticated malware campaign dubbed Matryoshka is targeting macOS users via typosquatting domains and social engineering, using in-memory payloads to steal credentials and crypto wallet data. Here’s how it works and how to stay safe.
A fake SymPy Python package named sympy-dev evaded detection with in-memory cryptomining malware, exposing thousands of developers in a sophisticated supply chain attack.
Hackers impersonated the Jackson JSON library to infiltrate Maven Central, using a subtle prefix swap and advanced obfuscation to deliver Cobalt Strike payloads. This unprecedented supply chain attack exposes critical namespace vulnerabilities in Java’s core ecosystem.
A single typo in a Windows activation command led users to a fake MAS domain, infecting their systems with Cosmali Loader malware. This Netcrook investigation reveals how attackers exploited a one-letter difference to deploy cryptominers and remote access tools.
A single typo can now land you in a web of scams and malware. Investigative research uncovers how parked domains have evolved into a primary channel for cybercrime, with sophisticated actors exploiting ad networks and DNS tricks to evade detection.
A malicious NuGet package posing as a trusted .NET library went undetected for nearly six years, stealing cryptocurrency wallet data through clever typosquatting and hidden code. The incident exposes major risks in the open-source supply chain.
Malicious Go packages disguised as Google’s UUID tools stole sensitive data for years by exploiting typosquatting. Here’s how attackers blended in, what was stolen, and how developers can defend against such supply chain threats.