Risk
-
Critical Security Flaw Found in Brother Printers Affects Millions of Devices
A critical security vulnerability in Brother printers, affecting hundreds of models, cannot be patched through firmware updates. Security firm Rapid7 has identified the flaw, which could allow attackers to generate default administrator passwords, prompting urgent action to mitigate risks.
-
North Korea-Linked Malicious npm Packages Expose Developers to Security Risks
Cybersecurity researchers have uncovered a new wave of malicious npm packages linked to North Korean threat actors, raising significant concerns for software developers. The covert operation targets job seekers and developers, exposing them to sophisticated supply chain attacks designed to steal sensitive information and compromise systems.
-
Cybersecurity Alert: Hackers Target 65 Microsoft Exchange Servers Worldwide
Hackers are increasingly targeting Microsoft Exchange servers to inject credential-harvesting keyloggers, affecting 65 organizations across 26 countries. Positive Technologies reported these attacks utilize JavaScript vulnerabilities, emphasizing the urgent need for enhanced cybersecurity practices.
-
New XDigo Malware Targets Eastern European Governments Using LNK Flaw
The XDigo malware, linked to the cyber espionage group XDSpy, has been identified as a prominent threat targeting Eastern European government agencies, exploiting a vulnerability within Windows shortcut files for its deployment.
-
Nucor Confirms Data Breach as Cybersecurity Incident Unfolds
Nucor has confirmed that attackers behind a recent cybersecurity incident have stolen data from its network, prompting immediate actions to contain the breach and restore operations.
-
Russian Hackers Employ Advanced Social Engineering to Bypass Gmail’s Multi-Factor Authentication
A new campaign by Russian hackers has successfully bypassed Gmail’s multi-factor authentication, targeting academics and critics of Russia through sophisticated social engineering attacks, as reported by Google Threat Intelligence Group.
-
Cyber Attack on UK Retailers Marks & Spencer and Co-op Attributed to Scattered Spider Group
The recent cyber attacks targeting UK retailers Marks & Spencer and Co-op have been linked to the Scattered Spider cybercrime group, with financial impacts estimated at up to £440 million. The UK’s Cyber Monitoring Centre described the incidents as a single combined cyber event, prompting heightened concerns in the insurance sector as the group shifts…
-
New Campaign Uncovers 67 Trojanized GitHub Repositories Targeting Python Users
Cybersecurity experts have revealed a new campaign identifying 67 trojanized GitHub repositories that falsely advertise Python hacking tools, delivering malicious software instead. This campaign highlights the significant risks of using open-source repositories for developers.
-
Viasat Falls Victim to Chinese Salt Typhoon Hackers Amid Ongoing Cyber Threats
Satellite communications company Viasat has been targeted by the cyber-espionage group Salt Typhoon. The company is collaborating with federal authorities to investigate the breach, which has raised concerns about ongoing cybersecurity threats faced by telecom providers.
-
Water Curse: A New Threat Actor Targeting GitHub to Distribute Malware
Researchers have unveiled Water Curse, a new threat actor leveraging GitHub repositories to distribute malware. The malware enables extensive data exfiltration and remote access, underscoring the risks of supply chain attacks through legitimate platforms.
