A newly disclosed vulnerability in Insyde H2O UEFI firmware, tracked as CVE-2025-4275, allows attackers to bypass Secure...
supply chain attack
SentinelLABS has unveiled an extensive report detailing a wave of cyber-espionage activity that directly targeted SentinelOne and...
The Socket Threat Research Team has disclosed two dangerous npm packages that masquerade as helpful developer tools—but...
Socket’s Threat Research Team has uncovered a targeted supply chain attack leveraging malicious RubyGems impersonating Fastlane plugins....
Socket Threat Research Team has uncovered a new threat lurking within the JavaScript ecosystem: four malicious npm...
In a recent revelation, Socket’s Threat Research Team has uncovered a stealthy npm supply chain attack leveraging...
Socket’s Threat Research Team has uncovered a sophisticated supply chain attack on the Python Package Index (PyPI)...
Aidan Leon, cybersecurity practitioner and threat analyst at ZeroDay Labs, has disclosed a sophisticated supply chain attack...
A sophisticated ransomware campaign targeting National Defense Corporation (NDC) and its subsidiaries affected the defense supply chain,...
Malware authors have begun exploiting Google Calendar invites and Unicode Private Use Area (PUA) characters to deliver...
The ReversingLabs research team has uncovered yet another software supply chain attack targeting the cryptocurrency ecosystem, this...
rend Micro researchers have uncovered the full extent of an elaborate, multi-phase cyber-espionage operation attributed to Earth...
Aikido Security has uncovered a Remote Access Trojan (RAT) embedded in rand-user-agent, a JavaScript package downloaded ~45,000...
The Sansec Forensics Team has uncovered a coordinated supply chain attack that has silently infected ecommerce infrastructure...
In a detailed technical report, Socket’s Threat Research Team uncovered seven malicious Python packages published to the...
Aikido Intel has issued an urgent alert after detecting a backdoor in multiple versions of xrpl.js, the...
A new supply chain attack has been uncovered by Socket’s Threat Research Team, targeting developers who create...
A malicious npm package, disguised as a merchant integration for the Advcash payment platform, has been discovered...
The ReversingLabs (RL) research team has uncovered a sophisticated npm-based malware campaign in which a fake npm...
A recent report from FortiGuard Labs has uncovered a series of malicious NPM packages designed to steal...
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added two significant security vulnerabilities to its Known...
Cybersecurity researchers at ReversingLabs have detailed a supply chain attack on the popular AI library, Ultralytics, which...