SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a ...
Dark Reading

Axios Attack Shows How Complex Social Engineering Is Industrialized

The Axios attack has highlighted the sophistication, scalability, and industrialization of social engineering attacks. Late last month, the NPM package of Axios, an extremely popular JavaScript HTTP ...
LGBTQ Nation

Gay adult performer Ty Roderick stabbed in “brutal” & “terrifying” attack

The family of gay adult video performer Ty Roderick is seeking financial help for his medical care after he was stabbed ...
Security Boulevard

AI Vulnerability Chaining – Why Your Security Stack Cannot Detect What Comes Next

Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate ...

How geography powers Iran’s grip on the Strait of Hormuz, despite U.S. blockade

Even with a U.S. blockage, geography gives Iran an edge in the Strait of Hormuz, shaping control of a vital global chokepoint ...
Cryptopolitan on MSN

Axios supply chain attack raises risk to crypto wallets

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks.
Security Boulevard

500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint ...
The Hacker News

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Updated LOTUSLITE targets India banking sector via CHM and DLL side-loading, expanding espionage campaign to South Korea and ...
LGBTQ Nation on MSN

Trump administration is trying to make it harder for trans people to buy guns

The controversy comes amid reports that trans Americans have been increasingly arming themselves as protection against the ...

Buckingham Palace confirms King's US state visit to go ahead as planned after Trump dinner shooting

The King and Queen are heading to the US for a state visit today following the president being evacuated after gunshots were ...