Skip to content
inionline.net
  • Managed IT Support Services
  • Contact Us
inionline.net
  • Blog

    UK Social Media Ban for Minors Has Privacy Experts Worried

    The UK will ban adolescents under 16 years old from user-to-user social-media platforms, despite age-verification issues and privacy concerns.

    Read More UK Social Media Ban for Minors Has Privacy Experts WorriedContinue

  • Blog

    144 Mastra npm Packages Compromised via Hijacked Contributor Account

    As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity. “A single npm account (ehindero) mass-published more

    Read More 144 Mastra npm Packages Compromised via Hijacked Contributor AccountContinue

  • Blog

    CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary

    Read More CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code ExecutionContinue

  • Blog

    npm Supply Chain Cryptocurrency Malware

    What is the Attack? Researchers have identified a large-scale software supply chain campaign targeting the npm ecosystem, leveraging malicious JavaScript packages to distribute a multi-stage cryptocurrency-focused malware framework. The campaign affected numerous npm packages that collectively accumulated more than 2.7 million downloads, significantly increasing the potential victim pool among developers, software organizations, and CI/CD environments….

    Read More npm Supply Chain Cryptocurrency MalwareContinue

  • Blog

    Fileless Phantom Stealer Targets Browser Credentials

    In addition to executing entirely in memory, the malware’s infection chain incorporates other anti-analysis techniques designed to frustrate detection.

    Read More Fileless Phantom Stealer Targets Browser CredentialsContinue

  • Blog

    Security Community Slams US Ban on Exporting Mythos, Fable

    An open letter signed by dozens of security experts asked the government to reverse export restrictions on Anthropic’s Claude Fable 5 and Mythos 5 models.

    Read More Security Community Slams US Ban on Exporting Mythos, FableContinue

  • Blog

    Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

    A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim’s project hijack the victim’s machine learning model upload and run code inside Google’s serving infrastructure. Palo Alto Networks Unit 42, which found and reported the bug through Google’s bug bounty program, calls the technique “Pickle…

    Read More Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket SquattingContinue

  • Blog

    SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection

    FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in Honduras, Taiwan, Thailand, and Pakistan.

    Read More SprySOCKS Windows Variant Abuses Kernel Drivers to Evade DetectionContinue

  • Blog

    ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

    Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks involving BabaDeda Loader, observed in April 2026, have targeted education and financial organizations. “Earlier BabaDeda activity was known for

    Read More ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update LuresContinue

  • Blog

    Rokarolla Android Trojan Levels Up to Full Device Control, Persistence

    The emerging malware, spread via fake TikTok and Chrome downloads, demonstrates an evolution by combining banking fraud with extensive device surveillance and remote control.

    Read More Rokarolla Android Trojan Levels Up to Full Device Control, PersistenceContinue

Page navigation

1 2 3 … 495 Next PageNext
Facebook
Privacy Policy
Background by Vecteezy

Web Design 2024 SekuritasIT

Veteran Owned and Operated

Scroll to top
  • Managed IT Support Services
  • Contact Us