Blog

Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified packages is below – @async-mutex/mutex, a typosquat of async-mute (npm) dexscreener, which masquerades as a library for accessing…

Popular video-sharing social network TikTok has officially gone dark in the United States, 2025, as a federal ban on the app comes into effect on January 19, 2025. “We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable,” the company said in…

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. “People’s Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including…

The Supreme Court has affirmed TikTok’s ban in the US, which has its users in revolt and is creating a whole new set of national cybersecurity concerns.

The propensity for users to enter customer data, source code, employee benefits information, financial data, and more into ChatGPT, Copilot, and others is racking up real risk for enterprises.

The stolen firewall data is thorough but more than 2 years old now, meaning that most organizations following even basic security practices face minimal risk, hopefully.

The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon.

As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses.

Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. “These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. “Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps,” Imperva researcher Daniel Johnston said in an analysis. “These…