From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
June 19, 2026 update: Microsoft assesses with high confidence that this activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. The ...
- A new macOS ClickFix campaign uses a fake CAPTCHA page to trick users into installing malware. - It instructs users to paste text into a Terminal command that silently downloads and mounts a ...
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused ...
Pulls cybersecurity and threat intel from NewsAPI, AlienVault OTX, RSS feeds, Abuse.ch, and MITRE ATT&CK, pushes raw events into Kafka, and runs NLP enrichment via spaCy transformer models to extract ...
British bank HSBC has managed to gets its Internet and mobile banking systems back online after crippling distributed denial of service (DDOS) attack knocked systems offline on Friday. “HSBC internet ...
The United States’ Department of Labor’s Website has been breached and is serving up malware in drive-by-download attacks, security researchers warned. When a visitor lands on the impacted area of the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results