Shai-Hulud Returns: Over 300 NPM packages infected via fake Bun runtime within hours

Shai-Hulud Returns: Over 1K NPM Packages and 27K+ Github Repos infected via Fake Bun Runtime Within Hours

Over 1,000 NPM packages were infected using the same method as the previous attack, infecting with a fake Bun runtime. The attacker leveraged the `...

The Fairfax County Police Department is looking for help in identifying suspects part of a group that installed malware on ATMs to carry out jackpotting attacks

Fairfax County Police Department News

Detectives Ask for the Public’s Help Identifying ATM Jackpotting Suspects

Fair Oaks Police District –Detectives from our Financial Crimes Unit are actively investigating a series of ATM thefts after Apple Federal Credit...

AI company Factory has detected multiple threat actors abusing its free tiers to automate cyberattacks, including "at least one state‑linked actor."

Factory.ai

The Droid Wars: Breaking up an AI‑orchestrated cyber fraud campaign | Factory.ai

Over the course of several days in October we detected and disrupted a highly automated cyber operation that had attemp...

Security firm DoubleVerify has found SkyWalk, a network of iOS games that serve ads inside invisible windows. The malicious code was traced back to the UniSkyWalking iOS mobile framework

FRAUD ALERT: Fake Gaming Apps May Be Gaming Your Ads

Read DV

The DomainTools security team has analyzed the recent leak of APT35 internal documents and how the documents map out to past campaigns and infrastructure, as well as how they reveal more of the internal structure of Iran's cyber apparatus

DomainTools Investigations | DTI

Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and Domestic Iranian Targets - DomainTools Investigations | DTI

Unmasking APT35 (Charming Kitten). New report analyzes leaked internal documents, revealing their operational profile, Exchange attack chains (Prox...

Maxwell Schultz, a former IT contractor for an American waste disposal company, pleaded guilty to hacking his former employer after he was fired to reset passwords and delete logs

 

Australia's eSafety Commission has expanded the country's kids social media ban to video streaming service Twitch. Australia's kids social media ban will be enforced on 10 platforms: -Facebook -Instagram -Snapchat -Threads -TikTok -X -Reddit -Kick -YouTube https://www.esafety.gov.au/newsroom/media-releases/twitch-assessed-as-age-restricted-social-media-platform

Cisco has announced Resilient Infrastructure, a project to improve the security of its products. This includes: -increase default protections -remove legacy insecure features -reduce the attack surface -enable better detection and response

Cisco Blogs

Doubling down on resilient infrastructure

As global networks face escalating threats, Cisco is strengthening resilient infrastructure by setting secure defaults, eliminating legacy risks, a...

Blockchain investigator ZachXBT has published a report on how the APT38 (Bluenoroff) group laundered $200 million worth of crypto from 25+ hacks to fiat between 2020 and 2023. https://paragraph.com/@investigations/how-lazarus-group-laundered-200m-from-25-crypto-hacks-to-fiat-from-2020-2023

There's an unpatched admin auth bypass in the Twonky Server

Rapid7

CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)

Rapid7 has identified two vulnerabilities that facilitate administrator authentication bypass in Twonky Server, a media solution.