Malicious Rspack, Vant packages published using stolen NPM tokens
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish…
Month: December 2024
Fake DocuSign docs used to secure corporate credentials in mishing campaign
A targeted mobile phishing (mishing) campaign was observed that leveraged a DocuSign impersonation scheme that aimed to harvest corporate credentials…
US charges Russian-Israeli as suspected LockBit ransomware coder
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the…
Sophos Firewall vulnerable to critical remote code execution flaw
Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL…
Play ransomware admits Krispy Kreme compromise
Major U.S. multinational doughnut and coffeehouse chain Krispy Kreme was claimed to have been breached by the Play ransomware operation, which warned…
Over 3M Builder.ai records leaked by unprotected database
SiliconAngle reports that major UK-based artificial intelligence startup Builder.ai had nearly 1.3 TB of data containing over 3 million records, including…
Health data of 5.6 million stolen in ransomware attack
Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal…
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging…
Massive live sports piracy ring with 812 million yearly visits taken offline
The Alliance for Creativity and Entertainment (ACE) has taken down one of the world’s largest live sports streaming piracy rings,…
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages,…