Infosecurity News
North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans
Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign
Npm Package Hijacked to Steal Data and Crypto via AI-Powered Malware
A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity
State-Sponsored Hackers Behind Majority of Vulnerability Exploits
Recorded Future highlighted the vast capabilities of state actors to rapidly weaponize newly disclosed vulnerabilities for geopolitical purposes
TransUnion Data Breach Impacts 4.5 Million US Customers
The credit rating giant revealed that the breach, which occurred on July 28, was caused by unauthorized access to a third-party application
Fake IT Support Attacks Hit Microsoft Teams
Fake IT support lures are being used to trick employees into installing remote‑access tools via Microsoft Teams
Netherlands Confirms China's Salt Typhoon Targeted Small Dutch Telcos
Salt Typhoon’s primary Dutch targets were small internet service providers and hosting providers
Malicious VS Code Extensions Exploit Name Reuse Loophole
Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages
Nevada Confirms Ransomware Attack, State Data Stolen
Nevada’s CIO confirmed in a press conference that ransomware actors had exfiltrated data from state networks, amid an ongoing incident investigation
Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns
The US, UK and allies have called out China’s “commercial cyber ecosystem” for enabling large-scale Salt Typhoon campaigns
Crypto Companies Freeze $47m in Romance Baiting Funds
Chainalysis, OKX, Binance and Tether have managed to stop nearly $50m reaching romance baiting fraudsters
Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure
Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery
CISA Strengthens Software Procurement Security With New Tool
CISA has launched a new Software Acquisition Guide Web Tool to enhance security in software procurement
Researchers Discover First Reported AI-Powered Ransomware
While still in development, PromptLock is described as the “first known AI-powered ransomware” by ESET researchers
Nevada “Network Security Incident” Shuts Down State Offices and Services
The Office of the Governor of Nevada revealed that the incident has shut down in-person State services, while government phone lines and websites are offline
ShadowSilk Campaign Targets Central Asian Governments
A series of cyber-attacks against government organizations in Central Asia and Asia- Pacific has been linked to the ShadowSilk threat cluster
Citrix Patches Three NetScaler Zero Days as One Sees Active Exploitation
Citrix customers are urged to patch their vulnerable NetScaler appliances, but “patching alone won’t cut it,” experts said
ENISA to Coordinate €36m EU-Wide Incident Response Scheme
EU security agency ENISA is being handed €36m to operate the EU Cybersecurity Reserve
New Data Theft Campaign Targets Salesforce via Salesloft App
Google is warning of a new credential theft campaign targeting Salesforce customers via Salesloft Drift
New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices
Abnormal AI said the campaign, which lures victims into downloading legitimate RMM software, marks a major evolution in phishing tactics
New Android Trojan Variant Expands with Ransomware Tactics
A new version of the Hook Android banking Trojan features 107 remote commands, including ransomware overlays