Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North…
BlogThe Blog
Insights, tips, and news from the frontlines of cybersecurity.
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the…
Blog
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a…
Blog
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of…
Blog
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang…
Blog
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked…
Blog
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by…
Blog
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine’s National Security and Defense Council) has been observed using…
Blog
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561…
Blog
Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective
1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from…
Blog