Interview Series With Sandip Wadje: Stories Shaping Cybersecurity

“In a regulated industry, you cannot rush adoption—you need a granular understanding of the risks.” – Sandip Wadje

Sandip Wadje, Managing Director and Global Head of Emerging Technology Risks at BNP Paribas, is a seasoned Cyber Security and Technology Risk leader with 23 years of experience across Cyber Security, Operational Risk, IT Risk, Internal Controls, … Continued

Cloud Security Battles: Red Teaming vs. Penetration Testing in 2025

Cloud security is no longer optional; it's survival. With attackers targeting misconfigurations, APIs, and identities, organizations need to test their defenses before criminals do. Two popular approaches, Penetration Testing and Red Teaming, play a huge role. What Is Cloud Penetration Testing? A controlled, simulated attack on cloud systems (AWS, Azure, GCP). Focuses on misconfigured buckets, … Continued

ScarCruft Unleashes Operation HanKook Phantom: RokRAT Malware Targets South Korean Academics

ScarCruft, a North Korean state-linked hacking group also known as APT37, has recently carried out a new cyber-espionage operation that researchers have named Operation HanKook Phantom. This campaign is focused on South Korean academics, researchers, and policy experts, and its main weapon is a malware strain called RokRAT. The operation was uncovered by Seqrite and … Continued

Critical Zero-Day Vulnerability Discovered in FreePBX Servers

FreePBX servers have come under attack after hackers found a new zero-day vulnerability. The company behind the software, Sangoma, has confirmed that criminals are already using this flaw to break into systems. An emergency patch has now been released to fix the issue, and all administrators are being told to act quickly. The problem is … Continued

TamperedChef Malware Masquerades as Free PDF Editor to Steal Browser Data

Cybersecurity researchers have recently exposed a dangerous new malware campaign that hides inside what looks like a harmless PDF editing tool. Attackers are disguising their malicious software as “AppSuite PDF Editor,” which is being pushed through fake advertisements online. The campaign has already affected multiple organizations in Europe and poses a serious threat to anyone … Continued

Storm-0501 Exploits Azure to Steal Data, Wipe Backups, and Demand Ransom

Microsoft has reported that the hacking group Storm-0501 has moved away from traditional ransomware and is now attacking directly in the cloud. Instead of locking individual computers, the group uses cloud tools themselves to steal data, erase backups, and encrypt storage. This makes recovery far harder and raises the pressure on victims to pay. The … Continued

Salesloft OAuth Breach via Drift AI Agent Exposes Salesforce Customer Data

A recently discovered breach involving Salesloft, Drift, and Salesforce has exposed customer data, all due to a compromised OAuth connection. Attackers gained unauthorized access and quietly pulled tokens linking Salesloft’s integration with the Drift AI chat agent, which then gave them access to Salesforce records. This happened between August 8 and August 18, 2025, according … Continued

Blind Eagle Splits Into Five Clusters: RATs, Phishing Lures, and Dynamic DNS Target Colombia

The cyber-espionage group Blind Eagle (APT-C-36 / TAG-144) has been linked to five separate activity clusters targeting Colombia between May 2024 and July 2025. Most of these attacks were focused on the Colombian government, but several other industries such as defense, healthcare, education, and energy were also affected. The attackers mainly used phishing emails to … Continued
