At a Glance Actor / group Suspected North Korean actors in the Contagious Interview / Famous Chollima...
supply chain attack
At a glance Actor TeamPCP Activity type Software supply chain compromise Targets Enterprise developers, security tools Scale...
At a glance Actor Suspected North Korean Lazarus-linked group (attribution by TTP similarity) Activity npm supply chain...
At a Glance Organization LastPass (via vendor Klue) Data exposed CRM contact and support data: names, emails,...
Security researchers have uncovered GlassWASM malware, a stealthy threat hiding inside trojanized Visual Studio Code extensions. Socket’s...
A sweeping Mastra supply chain attack has hit the JavaScript ecosystem hard. Security firm Socket detected the...
A dangerous ShapedPlugin supply chain attack is currently threatening WordPress websites. Security researchers at Wordfence discovered this...
A serious Uncanny Automator breach has exposed customer data and pushed a malicious plugin update to live...
Overview of the Global Fraud Threat Cybersecurity researchers have just detected a dangerous software campaign targeting Python...
A dangerous new supply chain threat has targeted financial software developers. Specifically, security researchers at Socket recently...
The Wiz Customer Incident Response Team recently uncovered a dangerous global cyber threat. Specifically, a new wave...
Welcome to your weekly threat intelligence briefing. The cybersecurity landscape shifted dramatically between May 25 and May...
Microsoft Threat Intelligence researchers recently uncovered an active security breach targeting modern software developer pipelines. Specifically, a...
Urgent Alert for DevOps Engineers Microsoft security analysts recently identified an active threat vector targeting modern software...
Open-source software repositories remain a top target for modern cybercriminals. Recently, Socket’s Threat Research Team uncovered a...
Security researchers at Socket have uncovered a coordinated attack targeting PHP Composer packages by hiding malicious JavaScript...
A major software supply-chain storm is brewing in the PHP ecosystem. Security firm Socket has exposed a...
The notorious threat syndicate tracking under the moniker TeamPCP, an adversarial collective primarily renowned for orchestrating supply-chain...
Grafana Labs has broken its silence regarding a targeted corporate cyberattack that culminated in the theft of...
A massive and highly coordinated supply chain assault is currently ripping through the JavaScript developer ecosystem. Security...
A brief but dangerous supply chain attack briefly hijacked the official Visual Studio Code marketplace, targeting over...
Security researchers have exposed a highly stealthy attempted intrusion that weaponized an open-source framework into a potent...