A new large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository has been revealed by researchers. The malicious activity, attributed to a software supply chain threat actor known as CuteBoi, consists of 1,283 rogue…

SHI International, a provider of IT products and services based in New Jersey, has confirmed that a malware attack occurred on its network. With $12.3 billion in revenue in 2021 and 5,000 employees worldwide in operations centers in the United States,…

Apple has introduced Lockdown Mode, which automatically disables any system functionality that could be hijacked by even the most sophisticated, state-sponsored mercenary spyware to compromise a user device. While Apple acknowledges in its announcement…

The leaders of MI5 and the FBI shared the stage for the first time yesterday in order to warn business leaders and academics of the seriousness of the espionage threat from China. British intelligence boss Ken McCallum explained that China's government…

A feature in the Strava fitness tracking app designed to encourage user competition has instead been exploited by unknown spies to track members of the Israeli military as they run routes on secret military bases. The fitness tracking app may have…

Three new test beds, funded by the Commonwealth Cyber Initiative (CCI), will be used by researchers and business partners at Virginia Commonwealth University's (VCU) College of Engineering to examine the security of medical devices, NextG applications,…

The Cybersecurity and Infrastructure Security Agency (CISA) has recently released a new advisory suggesting North Korean state-sponsored cyber actors are using the Maui ransomware to target Healthcare and Public Health (HPH) Sector organizations in the…

Even the most experienced cybersecurity experts may struggle to secure sensitive data and vital systems from cyberattacks as the global cyberthreat environment worsens. This also holds true for settings used for scientific computing, particularly those…

Security researchers at Microsoft Threat Intelligence Center (MSTIC) discovered a new variant of the Hive ransomware written using the Rust programming language and that it is more evasive and provides attackers with flexibility.  Hive is a…

Marriott International recently confirmed that unknown criminal hackers broke into its computer networks and then attempted to extort the company.  The incident allegedly occurred roughly a month ago and was the work of a group claiming to be “an…

The OpenSSL project's maintainers have released patches to address a high-severity bug in the cryptographic library that could lead to Remote Code Execution (RCE) in certain scenarios. The vulnerability, now known as CVE-2022-2274, has been described as…

Researchers recently discovered a threat group with a possible Russian connection that targets corporate email environments. The researchers initially believed the UNC3524 gang was primarily interested in money, as are many ransomware attacks. An…