Skip to content
computer security Page 4

computer security

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a… 

Read More »Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

Nov 28, 2025Ravie LakshmananSupply Chain Attack / Malware The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry with 197 more malicious packages since last month. According to… 

Read More »North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware
MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants

MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants

Nov 28, 2025Ravie LakshmananEmail Security / Enterprise Security Cybersecurity researchers have shed light on a cross-tenant blind spot that allows attackers to bypass Microsoft Defender for Office 365 protections via the guest access feature in… 

Read More »MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants
Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

Nov 27, 2025Ravie LakshmananMalware / Social Engineering The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of… 

Read More »Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan
Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Nov 27, 2025Ravie LakshmananWeb Security / Zero Trust Microsoft has announced plans to improve the security of Entra ID authentication by blocking unauthorized script injection attacks starting a year from now. The update to its… 

Read More »Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update
AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories

AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories

Nov 27, 2025Ravie LakshmananCybersecurity / Hacking News Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there’s a lot happening in the cyber… 

Read More »AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories
Gainsight Expands Impacted Customer List Following Salesforce Security Alert

Gainsight Expands Impacted Customer List Following Salesforce Security Alert

Nov 27, 2025Ravie LakshmananRansomware / Cloud Security Gainsight has disclosed that the recent suspicious activity targeting its applications has affected more customers than previously thought. The company said Salesforce initially provided a list of 3… 

Read More »Gainsight Expands Impacted Customer List Following Salesforce Security Alert
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist

South Korea’s financial sector has been targeted by what has been described as a sophisticated supply chain attack that led to the deployment of Qilin ransomware. “This operation combined the capabilities of a major Ransomware-as-a-Service… 

Read More »Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist