Skip to content
network security Page 92

network security

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety… 

Read More »Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

Jun 04, 2025The Hacker NewsVulnerability / DevOps Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce data backup and deduplication solution that could result in an… 

Read More »HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack

Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack

Jun 03, 2025Ravie LakshmananUnited States Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport… 

Read More »Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

Jun 03, 2025Ravie LakshmananEmail Security / Vulnerability Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be exploited to take… 

Read More »Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

Jun 03, 2025Ravie LakshmananMobile Security / Malware A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to target users in Europe and South America. The malware, according to… 

Read More »Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets
Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues

Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues

Jun 03, 2025Ravie LakshmananWeb Security / Digital Identity Google has revealed that it will no longer trust digital certificates issued by Chunghwa Telecom and Netlock citing “patterns of concerning behavior observed over the past year.”… 

Read More »Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues
Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion

Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion

Jun 03, 2025Ravie LakshmananThreat Intelligence / Cyber Threats Microsoft and CrowdStrike have announced that they are teaming up to align their individual threat actor taxonomies by publishing a new joint threat actor mapping. “By mapping… 

Read More »Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion