Identity

36 malicious npm packages exploit Redis, PostgreSQL to deploy Persistent Implant

Ravi LakshmananApril 5, 2026Malware / DevSecOps Cybersecurity researchers discovered 36 malicious packages in the npm registry disguised as Strapi CMS plugins but with different payloads to facilitate exploitation of Redis and PostgreSQL, deploy reverse shells, harvest credentials, and…

Identity

Fortinet patch actively exploits CVE-2026-35616 in FortiClient EMS

Identity

China-linked TA416 targets European governments with PlugX and OAuth-based phishing

Identity

Microsoft releases details about cookie-controlled PHP web shell persisted via Cron on Linux servers

Identity

UNC1069 Axios Maintainer social engineering led to npm supply chain attack

Identity

Why third-party risk is the biggest gap in clients’ security posture

Identity

New SparkCat variants of iOS, Android apps steal recovery phrase images from crypto wallets

Identity

Drift loses $285 million in North Korea-related durable Nonce social engineering attack

LastPass warns about fake repositories that infect MacOS with Atomic Infostealer

By September 20, 20250

September 20, 2025Ravi LakshmananSoftware Security/Malware LastPass warns of a continuous and widespread information steeler campaign…

Researchers discover GPT-4-driven malterminal malware and create ransomware, reverse shell

By September 20, 20250

Cybersecurity researchers have discovered what they say is the earliest known example of malware that…

ShadowLeak Zero-Click Flaw Leaks Gmail data Openai Chatgpt Deep Search Agent

By September 20, 20250

September 20, 2025Ravi LakshmananArtificial Intelligence/Cloud Security Cybersecurity researchers revealed a zero-click flaw in Openai ChatGpt’s…

UNC1549 Hacking 34 devices from 11 telecom companies via LinkedIn Job Lures and Minibike malware

By September 19, 20250

The Iranian-Nexus Cyberspy Group, known as UNC1549, has infiltrated 34 devices across 11 organizations as…

1,500 VPS victims daily across SystemBC Powers Rem Proxy 80 C2 servers

By September 19, 20250

September 19, 2025Ravi LakshmananBotnet/Network Security The proxy network, known as Lem Proxy, is powered by…

FORTRA releases critical patches for CVSS 10.0 GOANY WHERE MFT Vulnerability

By September 19, 20250

September 19, 2025Ravi LakshmananVulnerability/Threat Intelligence FORTRA has revealed details of key security flaws in GoAny…

What's Hot

36 malicious npm packages exploit Redis, PostgreSQL to deploy Persistent Implant

Fortinet patch actively exploits CVE-2026-35616 in FortiClient EMS

Peter Thiel makes a big bet on solar-powered cow collars

Identity

36 malicious npm packages exploit Redis, PostgreSQL to deploy Persistent Implant

Fortinet patch actively exploits CVE-2026-35616 in FortiClient EMS

China-linked TA416 targets European governments with PlugX and OAuth-based phishing

Microsoft releases details about cookie-controlled PHP web shell persisted via Cron on Linux servers

UNC1069 Axios Maintainer social engineering led to npm supply chain attack

Why third-party risk is the biggest gap in clients’ security posture

New SparkCat variants of iOS, Android apps steal recovery phrase images from crypto wallets

Drift loses $285 million in North Korea-related durable Nonce social engineering attack

LastPass warns about fake repositories that infect MacOS with Atomic Infostealer

Researchers discover GPT-4-driven malterminal malware and create ransomware, reverse shell

ShadowLeak Zero-Click Flaw Leaks Gmail data Openai Chatgpt Deep Search Agent

UNC1549 Hacking 34 devices from 11 telecom companies via LinkedIn Job Lures and Minibike malware

1,500 VPS victims daily across SystemBC Powers Rem Proxy 80 C2 servers

FORTRA releases critical patches for CVSS 10.0 GOANY WHERE MFT Vulnerability

Latest Posts

36 malicious npm packages exploit Redis, PostgreSQL to deploy Persistent Implant

Fortinet patch actively exploits CVE-2026-35616 in FortiClient EMS

Peter Thiel makes a big bet on solar-powered cow collars

Embattled startup Delve ‘parts ways’ with Y Combinator

Anthropic says Claude Code subscribers will have to pay extra to use OpenClaw

Trending News

Tesla Dojo: Elon Musk’s big plan to build an AI supercomputer, explained

AI Health Coaches Are Coming Soon to a Device Near You

Sudanese Army Plays More Capital Khartoum from RSF | Sudan War News

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

What's Hot

Identity

Latest Posts

Trending News

Subscribe to Updates