Lazarus hackers deploy fake VMware PyPI packages in VMConnect attacks
North Korean state-sponsored hackers have uploaded malicious packages to the PyPI (Python Package Index) repository, camouflaging one of them as…
North Korean Attackers Targeted Crypto Companies in JumpCloud Breach
Analysts continue piecing together who breached JumpCloud, why, and what else they've managed to pull off.
Software Supply Chain Security Needs a Bigger Picture
SBOMs aren't enough. OpenSSF's Alpha-Omega brings in new blood to help secure the open source projects most impactful to the…
Microsoft: Lazarus hackers are weaponizing open-source software
Microsoft says the North Korean-sponsored Lazarus threat group is trojanizing legitimate open-source software and using it to backdoor organizations in many industry…
Hackers trojanize PuTTY SSH client to backdoor media company
North Korean hackers are using trojanized versions of the PuTTY SSH client to deploy backdoors on targets' devices as part…
60 Magical ‘Labyrinth’ Tattoos
In 1955, Jim Henson was put on the map with “The Muppets” and over 30...