That Time Tom Lehrer Pranked the NSA
Bluesky thread. Here’s the paper, from 1957. Note reference 3.
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
In what’s the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal’s GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry. The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said inRead More »Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
NASCAR Confirms Personal Information Stolen in Ransomware Attack
NASCAR says names, Social Security numbers, and other personal information was stolen in an April 2025 ransomware attack. The post NASCAR Confirms Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
Root Evidence Launches With $12.5 Million in Seed Funding
Root Evidence is developing fully integrated vulnerability scanning and attack surface management technology. The post Root Evidence Launches With $12.5 Million in Seed Funding appeared first on SecurityWeek.
Scattered Spider Targeting VMware vSphere Environments
The financially motivated group is pivoting from Active Directory to VMware vSphere environments, deploying ransomware from the hypervisor. The post Scattered Spider Targeting VMware vSphere Environments appeared first on SecurityWeek.
⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
Some risks don’t breach the perimeter—they arrive through signed software, clean resumes, or sanctioned vendors still hiding in plain sight. This week, the clearest threats weren’t the loudest—they were the most legitimate-looking. In an environment where identity, trust, and tooling are all interlinked, the strongest attack path is often theRead More »⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
Allianz Life Data Breach Impacts Most of 1.4 Million US Customers
Allianz subsidiary said the information of customers, financial professionals and employees was compromised as a result of a hack. The post Allianz Life Data Breach Impacts Most of 1.4 Million US Customers appeared first on SecurityWeek.
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
Picture this: you’ve hardened every laptop in your fleet with real‑time telemetry, rapid isolation, and automated rollback. But the corporate mailbox—the front door for most attackers—is still guarded by what is effectively a 1990s-era filter. This isn’t a balanced approach. Email remains a primary vector for breaches, yet we oftenRead More »Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
Microsoft SharePoint Zero-Day
Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to the Internet. Starting Friday, researchers began warning of active exploitationRead More »Microsoft SharePoint Zero-Day
BlackSuit Ransomware Group Transitioning to ‘Chaos’ Amid Leak Site Seizure
The emerging Chaos ransomware appears to be a rebranding of BlackSuit, which had its leak site seized by law enforcement. The post BlackSuit Ransomware Group Transitioning to ‘Chaos’ Amid Leak Site Seizure appeared first on SecurityWeek.