Microsoft’s September 2025 Patch Tuesday fixes over 80 flaws, including two publicly disclosed
One of the previously disclosed flaws resides in Windows SMB Server and another affects the Newtonsoft.Json library.
Cybersecurity News - Page 55
LockerGoga, MegaCortex, and Nefilim ransomware admin charged in the US
Volodymyr Tymoshchuk is alleged to have been involved in compromising over 250 networks in the US, as well as hundreds more globally.
New cryptojacking campaign abuses TOR network and exposed Docker APIs
The attackers use the TOR network for anonymity and exploit misconfigured Docker instances to install XMRig.
New threat actor TAG-150 linked to advanced malware infrastructure
TAG-150 maintains a large and complex infrastructure, including both victim-facing servers used to control various malware and multi-layered backend servers.
Hidden Chinese APT infrastructure tied to Salt Typhoon and UNC4841
The domains are believed to be part of a long-running campaign to gain long-term access to global organizations.
Massive NPM supply chain attack impacts packages with over 2.6B weekly downloads
The maintainer of widely used NPM packages, confirmed his account was hijacked following a sophisticated phishing attack.
GPUGate malware delivery chain targets IT professionals in Western Europe
The threat actors behind GPUGate used malvertising to display fake ads at the top of Google search results.
Massive GitHub supply chain attack exposes over 3,300 secrets across 800+ repos
The attack saw 327 GitHub accounts compromised, with malicious GitHub Actions workflows injected into 817 repositories.
SAP S/4HANA code injection flaw actively exploited in the wild
Successful exploitation gives the attacker the ability to act with administrative privileges in the SAP system.
Hackers compromised Drift platform via Salesloft GitHub account
Using the account, the intruders downloaded content from multiple repositories and then added a guest user and established workflows.
Showing elements 541 - 550