infosecintel – Page 80 – Curated Information Security Articles and Threat Intelligence News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

April 30, 2026

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. According to Aikido Security, OX Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were publishedRead More »PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

New Research: AI-Driven Cybercrime Led to a 389% Increase in Ransomware Victims

April 30, 2026

An overview of cyber threat trends from the previous year.

SonicWall Urges Immediate Patching of Firewall Vulnerabilities

April 30, 2026

The bugs could be exploited to bypass security controls, access restricted services, and crash firewalls. The post SonicWall Urges Immediate Patching of Firewall Vulnerabilities appeared first on SecurityWeek.

SAP NPM Packages Targeted in Supply Chain Attack

April 30, 2026

The Mini Shai-Hulud attack introduced a preinstall hook to fetch and execute a Bun binary and bypass security monitoring. The post SAP NPM Packages Targeted in Supply Chain Attack appeared first on SecurityWeek.

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

April 30, 2026

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breachRead More »Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

April 30, 2026

The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online. SecurityRead More »ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

April 30, 2026

Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. “The intrusion chain begins with execution of a batch script (‘install_obf.bat’) that disables Windows security controls, dynamically extractsRead More »New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks

April 30, 2026

An attacker could have planted a malicious configuration to execute commands outside the sandbox. The post Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks appeared first on SecurityWeek.

EnOcean SmartServer Flaws Expose Buildings to Remote Hacking

April 30, 2026

Claroty researchers discovered two vulnerabilities that can be exploited for security bypass and remote code execution. The post EnOcean SmartServer Flaws Expose Buildings to Remote Hacking appeared first on SecurityWeek.

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

April 30, 2026

Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO)

« Previous
1
…
78
79
80
81
82
…
557
Next »