brangberg – Page 416

Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation

A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database operations and corrupt industrial control systems.
According to software supply chain security company Socket, the packages were published in 2023 and 2024 by a user named “shanhai666” and are designed to run malicious code after specific trigger dates in August 2027 and

DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz

Google’s acquisition of Wiz is expected to close in 2026, but there are other reviews that need to be cleared.

The post DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz appeared first on SecurityWeek.

The Congressional Budget Office Was Hacked. It Says It Has Implemented New Security Measures

The Congressional Budget Office confirmed it had been hacked, potentially disclosing important government data to malicious actors.

The post The Congressional Budget Office Was Hacked. It Says It Has Implemented New Security Measures appeared first on SecurityWeek.

Chrome 142 Update Patches High-Severity Flaws

An out-of-bounds write flaw in WebGPU tracked as CVE-2025-12725 could be exploited for remote code execution.

The post Chrome 142 Update Patches High-Severity Flaws appeared first on SecurityWeek.

Enterprise Credentials at Risk – Same Old, Same Old?

Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization’s cloud provider. She clicks the link, types in her credentials, and goes back to her spreadsheet. But unknown to her, she’s just made a big mistake. Sarah just accidentally handed over her login details to cybercriminals who are laughing all the way to their dark web

Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector

Multiple state-sponsored Russian groups are targeting Ukrainian entities and European countries linked to Ukraine.

The post Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector appeared first on SecurityWeek.

Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts

Google on Thursday said it’s rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments.
The approach is designed to tackle a common practice called review bombing, where online users intentionally post negative user reviews in an

18 Arrested in Crackdown on Credit Card Fraud Rings

Between 2016 and 2021, the suspects defrauded 4.3 million cardholders in 193 countries of €300 million (~$346 million).

The post 18 Arrested in Crackdown on Credit Card Fraud Rings appeared first on SecurityWeek.

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in other words, vibe-coded.
Secure Annex researcher John Tuckner, who flagged the extension “susvsex,” said it does not attempt to hide its malicious functionality. The extension was uploaded on

U.S. Congressional Budget Office hit by suspected foreign cyberattack

The U.S. Congressional Budget Office (CBO) confirms it suffered a cybersecurity incident after a suspected foreign hacker breached its network, potentially exposing sensitive data. […]

Author: brangberg