cybersecurity threats
-
North Korea-Linked Malicious npm Packages Expose Developers to Security Risks
Cybersecurity researchers have uncovered a new wave of malicious npm packages linked to North Korean threat actors, raising significant concerns for software developers. The covert operation targets job seekers and developers, exposing them to sophisticated supply chain attacks designed to steal sensitive information and compromise systems.
-
APT28 Hackers Exploit Signal to Deploy Advanced Malware Against Ukraine
CERT-UA has issued an urgent warning about APT28’s sophisticated malware deployment using Signal to target Ukrainian entities. The introduction of BEARDSHELL and COVENANT signifies an alarming escalation in cyber threats.
-
Cybersecurity Alert: Hackers Target 65 Microsoft Exchange Servers Worldwide
Hackers are increasingly targeting Microsoft Exchange servers to inject credential-harvesting keyloggers, affecting 65 organizations across 26 countries. Positive Technologies reported these attacks utilize JavaScript vulnerabilities, emphasizing the urgent need for enhanced cybersecurity practices.
-
U.S. House Bans WhatsApp for Congressional Staff Citing Security Risks
The U.S. House of Representatives has officially banned congressional staff from using WhatsApp on government-issued devices due to security concerns, recommending alternative messaging platforms. Meanwhile, WhatsApp defends its security measures in response.
-
Critical Vulnerability in WordPress Motors Theme Exploited by Hackers
Hackers are exploiting a significant vulnerability in the WordPress “Motors” theme, allowing them to take control of administrator accounts and jeopardize website security. The flaw, known as CVE-2025-4322, was flagged by Wordfence which reports extensive attacks targeting user accounts.
-
Google Enhances AI Security with Layered Defenses Against Prompt Injection Attacks
Google has taken significant steps to enhance the security of its generative AI systems by implementing layered defenses against indirect prompt injections, which pose a new cybersecurity risk. These measures include advanced filtering techniques and a proactive approach to preventing malicious user inputs.
-
Serious Vulnerability Found in Zyxel Devices Sparks Security Concerns
A serious vulnerability, CVE-2023-28771, affects Zyxel devices, prompting warnings from cybersecurity experts after a spike in exploit attempts was detected. Owners are urged to secure their devices against potential threats.
-
Nucor Confirms Data Breach as Cybersecurity Incident Unfolds
Nucor has confirmed that attackers behind a recent cybersecurity incident have stolen data from its network, prompting immediate actions to contain the breach and restore operations.
-
Russian Hackers Employ Advanced Social Engineering to Bypass Gmail’s Multi-Factor Authentication
A new campaign by Russian hackers has successfully bypassed Gmail’s multi-factor authentication, targeting academics and critics of Russia through sophisticated social engineering attacks, as reported by Google Threat Intelligence Group.
-
Cyber Attack on UK Retailers Marks & Spencer and Co-op Attributed to Scattered Spider Group
The recent cyber attacks targeting UK retailers Marks & Spencer and Co-op have been linked to the Scattered Spider cybercrime group, with financial impacts estimated at up to £440 million. The UK’s Cyber Monitoring Centre described the incidents as a single combined cyber event, prompting heightened concerns in the insurance sector as the group shifts…
