Generative AI Remains Growing Concern for Organizations
Generative AI creates increasingly complicated threats for organizations.
Generative AI creates increasingly complicated threats for organizations.
Threat hunters have discovered a set of previously unreported domains, some going back to May 2020, that are associated with China-linked threat actors Salt Typhoon and UNC4841. “The domains date back several years, with the oldest registration activity occurring in May 2020, further confirming that the 2024 Salt Typhoon attacksRead More »45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency.Read More »18 Popular Code Packages Hacked, Rigged to Steal Crypto
When I announced my latest book last week, I forgot to mention that you can pre-order a signed copy here. I will ship the books the week of 10/20, when it is published.
Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. So far, 22 companiesRead More »GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
China’s APT41 sent out malicious emails on behalf of Rep. John Moolenaar to collect information ahead of US-China trade talks. The post Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report appeared first on SecurityWeek.
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become commonplace in recent years, the latest activity gives it a little twist of itsRead More »GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
PromptLock is only a prototype of LLM-orchestrated ransomware, but hackers already use AI in file encryption and extortion attacks. The post PromptLock Only PoC, but AI-Powered Ransomware Is Real appeared first on SecurityWeek.
A supply chain attack called GhostAction has enabled threat actors to steal secrets and exploit them. The post GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets appeared first on SecurityWeek.
The list of impacted cybersecurity firms has been expanded to include BeyondTrust, Bugcrowd, CyberArk, Cato Networks, JFrog, and Rubrik. The post Salesloft GitHub Account Compromised Months Before Salesforce Attack appeared first on SecurityWeek.