Security Issues, Vulnerabilities, Exploits & Government Alerts
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average…
The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities. “Malicious…
Aug 28, 2025Ravie LakshmananArtificial Intelligence / Malware The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in…
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. “Unlike traditional on-premises ransomware, where the threat actor typically deploys malware…
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to…
Aug 27, 2025Ravie LakshmananCyber Attack / Artificial Intelligence Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of personal data…
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC). According to Group-IB, nearly three dozen victims have been identified,…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international partners, released a joint cybersecurity advisory detailing ongoing malicious activity by People’s…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and its public and private sector partners are working closely with officials in Nevada as they respond to an August 24th cyber attack targeting the state…
Aug 27, 2025The Hacker NewsEnterprise Security / Data Protection Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is not the pace of AI…