cyber news

PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs

Oct 30, 2025Ravie LakshmananDevSecOps / Software Security Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets,…

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

Oct 29, 2025Ravie LakshmananVulnerability / Internet of Things Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and…

New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

Oct 29, 2025Ravie LakshmananMachine Learning / AI Safety Cybersecurity researchers have flagged a new security issue in agentic web browsers like OpenAI ChatGPT Atlas that exposes underlying artificial intelligence (AI) models to context poisoning attacks.…

Ghost Identities, Poisoned Accounts, & AI Agent Havoc

BeyondTrust’s annual cybersecurity predictions point to a year where old defenses will fail quietly, and new attack vectors will surge. Introduction The next major breach won’t be a phished password. It will be the result…

Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics

Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks. The activity, according to a new report from the…

Discover Practical AI Tactics for GRC — Join the Free Expert Webinar

Oct 29, 2025The Hacker NewsArtificial Intelligence / Compliance Artificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC). It’s no longer a future concept—it’s here, and it’s already reshaping how teams operate. AI’s capabilities…

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Oct 29, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information stealer targeting Windows, Linux, and macOS systems. “The malware uses…

Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack

Oct 29, 2025Ravie LakshmananVulnerability / Malware Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and…

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

Oct 28, 2025Ravie LakshmananEncryption / Hardware Security A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the…

New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human

Oct 28, 2025Ravie LakshmananMalware / Mobile Security Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover…

« Previous
1
…
17
18
19
20
21
…
332
Next »