Hackers have stolen the personal information of 1.1 million individuals in a Salesforce data theft attack, which impacted U.S. insurance giant Allianz Life in July. […]
PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks
The maintainers of the Python Package Index (PyPI) repository have announced that the package manager now checks for expired domains to prevent supply chain attacks.
“These changes improve PyPI’s overall account security posture, making it harder for attackers to exploit expired domain names to gain unauthorized access to accounts,” Mike Fiedler, PyPI safety and security engineer at the Python
“These changes improve PyPI’s overall account security posture, making it harder for attackers to exploit expired domain names to gain unauthorized access to accounts,” Mike Fiedler, PyPI safety and security engineer at the Python
Hijacked Satellites and Orbiting Space Weapons: In the 21st Century, Space Is the New Battlefield
From hacked satellites to nuclear threats in orbit, the battle for dominance beyond Earth is redefining modern warfare and national security.
The post Hijacked Satellites and Orbiting Space Weapons: In the 21st Century, Space Is the New Battlefield appeared first on SecurityWeek.
XenoRAT malware campaign hits multiple embassies in South Korea
A state-sponsored espionage campaign is targeting foreign embassies in South Korea to deploy XenoRAT malware from malicious GitHub repositories. […]
Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures
The threat actors behind the Noodlophile malware are leveraging spear-phishing emails and updated delivery mechanisms to deploy the information stealer in attacks aimed at enterprises located in the U.S., Europe, Baltic countries, and the Asia-Pacific (APAC) region.
“The Noodlophile campaign, active for over a year, now leverages advanced spear-phishing emails posing as copyright infringement
“The Noodlophile campaign, active for over a year, now leverages advanced spear-phishing emails posing as copyright infringement
Nebraska man gets 1 year in prison for $3.5M cryptojacking scheme
A Nebraska man was sentenced to one year in prison for defrauding cloud computing providers of over $3.5 million to mine cryptocurrency worth nearly $1 million. […]
ERMAC Android malware source code leak exposes banking trojan infrastructure
The source code for version 3 of the ERMAC Android banking trojan has been leaked online, exposing the internals of the malware-as-a-service platform and the operator’s infrastructure. […]
UK sentences “serial hacker” of 3,000 sites to 20 months in prison
A 26-year old in the UK who claimed to have hacked thousands of websites was sentenced to 20 months in prison after pleading guilty earlier this year. […]
Over 800 N-able servers left unpatched against critical flaws
Over 800 N-able N-central servers remain unpatched against a pair of critical security vulnerabilities tagged as actively exploited last week. […]
Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware
Cybersecurity researchers have lifted the lid on the threat actors’ exploitation of a now-patched security flaw in Microsoft Windows to deploy the PipeMagic malware in RansomExx ransomware attacks.
The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability impacting the Windows Common Log File System (CLFS) that was addressed by Microsoft in April 2025,
The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability impacting the Windows Common Log File System (CLFS) that was addressed by Microsoft in April 2025,