SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks

Blog

Byadmblake March 28, 2025

Post Content

Blog

Kimsuky Debuts HTTPTroy Backdoor Against South Korea Users

The well-known North Korean threat group continues to improve the obfuscation and anti-analysis features of its attack toolchain.

Read More Kimsuky Debuts HTTPTroy Backdoor Against South Korea Users
Blog

WordPress Woes Continue Amid ClickFix Attacks, TDS Threats

Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams.

Read More WordPress Woes Continue Amid ClickFix Attacks, TDS Threats
Blog

Sophos Workspace Protection Enables Secure SaaS App Control

Easily secure access to your SaaS applications Categories: Products & Services, Workspace

Read More Sophos Workspace Protection Enables Secure SaaS App Control
Blog

Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams

Meta on Tuesday said it’s launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it’s introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to prevent them from giving away sensitive information like…

Read More Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams
Blog

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and credentials into online tools like JSONformatter and CodeBeautify that are used to format and validate code. Cybersecurity company watchTowr Labs said it captured a dataset of over 80,000 files on these sites, uncovering thousands of

Read More Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys
Blog

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take

Read More Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Related