Infostealer campaign compromises 10 npm packages, targets devs
Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers'…
Chinese FamousSparrow hackers deploy upgraded malware in attacks
A China-linked cyberespionage group known as 'FamousSparrow' was observed using a new modular version of its signature backdoor 'SparrowDoor' against a US-based…
The 4 WordPress flaws hackers targeted the most in Q1 2025
A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025…
What VirusTotal Missed — Discover with Unknown Cyber
“VirusTotal gives you opinions. Hybrid Analysis gives you behavior. Unknown Cyber gives you the truth in the code—before the malware…
The 7 technology trends that could replace passwords
230M stolen passwords met complexity requirements—and were still compromised. Passwords aren't going away for now, but there are new technologies…
Generative AI In Business: Managing Risks in The Race for Innovation
Artificial intelligence has emerged as a game-changing force, with record amounts of funding fueling new innovations that are transforming industries…
CrushFTP warns users to patch unauthenticated access flaw immediately
CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. [...]
Broadcom warns of authentication bypass in VMware Windows Tools
Broadcom released security updates today to fix a high-severity authentication bypass vulnerability in VMware Tools for Windows. [...]
New VanHelsing ransomware targets Windows, ARM, ESXi systems
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. [...]
Microsoft Trust Signing service abused to code-sign malware
Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. [...]