Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Targeted PyPi Package Steals Google Cloud Credentials from macOS Devs

The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every other day.

DARKReading
Open in Source
#mac#apple#google#nodejs#git#auth
Companies Struggle to Recover From CrowdStrike's Crippling Falcon Update

The cybersecurity firm says that 97% of sensors are back online, but some organizations continue to recover, with costs tallied at $5.4 billion for the Fortune 500 alone.

Could Intel Have Fixed Spectre & Meltdown Bugs Earlier?

Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for emerging vulnerabilities. That wasn't always the case.

A North Korean Hacker Tricked a US Security Vendor Into Hiring Him—and Immediately Tried to Hack Them

KnowBe4 detailed the incident in a recent blog post as a warning for other potential targets.

Offensive AI: The Sine Qua Non of Cybersecurity

"Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The message, which read "I'm the Creeper: catch me if you can." was the output of a program named

Europe Is Pumping Billions Into New Military Tech

The European Commission is allocating €7.3 billion for defense research over the next seven years. From drones and tanks of the future to battleships and space intelligence, here's what it funds.

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023. "Unbeknownst to most

CrowdStrike Warns of New Phishing Scam Targeting German Customers

CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter

Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4

A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation.

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps with names such as Andariel, Nickel Hyatt,