Tag: theft

—

by

Source URL: https://www.theregister.com/2025/09/24/pypi_phishing_attacks/ Source: The Register Title: New string of phishing attacks targets Python developers Feedly Summary: If you recently got an email asking you to verify your credentials to a PyPI site, better change that password The Python Software Foundation warned users of a new string of phishing attacks using a phony Python Package…

The Register: Google warns China-linked spies lurking in ‘numerous’ enterprises since March

—

by

Source URL: https://www.theregister.com/2025/09/24/google_china_spy_report/ Source: The Register Title: Google warns China-linked spies lurking in ‘numerous’ enterprises since March Feedly Summary: Mandiant CTO anticipates ‘hearing about this campaign for the next one to two years’ Unknown intruders – likely China-linked spies – have broken into “numerous" enterprise networks since March and deployed backdoors, providing access for their…

Cloud Blog: Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign/ Source: Cloud Blog Title: Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors Feedly Summary: Written by: Sarah Yoder, John Wolfram, Ashley Pearson, Doug Bienstock, Josh Madeley, Josh Murchie, Brad Slaybaugh, Matt Lin, Geoff Carstairs, Austin Larsen Introduction Google Threat Intelligence Group (GTIG) is tracking BRICKSTORM malware activity, which is…

Krebs on Security: Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

—

by

Source URL: https://krebsonsecurity.com/2025/09/feds-tie-scattered-spider-duo-to-115m-in-ransoms/ Source: Krebs on Security Title: Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms Feedly Summary: U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom…

The Register: OnePlus leaves researchers on read over Android bug that exposes texts

Sep 23, 2025

—

by

Source URL: https://www.theregister.com/2025/09/23/rapid7_oneplus_android_bug/ Source: The Register Title: OnePlus leaves researchers on read over Android bug that exposes texts Feedly Summary: Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won’t pick up Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to…

Docker: MCP Horror Stories: The Drive-By Localhost Breach

Sep 23, 2025

—

by

Source URL: https://www.docker.com/blog/mpc-horror-stories-cve-2025-49596-local-host-breach/ Source: Docker Title: MCP Horror Stories: The Drive-By Localhost Breach Feedly Summary: This is Part 4 of our MCP Horror Stories series, where we examine real-world security incidents that expose the devastating vulnerabilities in AI infrastructure and demonstrate how Docker MCP Gateway provides enterprise-grade protection against sophisticated attack vectors. The Model Context…

The Register: Suspected Iran-backed attackers targeting European aerospace sector with novel malware

Sep 23, 2025

—

by

Source URL: https://www.theregister.com/2025/09/23/iran_targeting_european_aerospace/ Source: The Register Title: Suspected Iran-backed attackers targeting European aerospace sector with novel malware Feedly Summary: Instead of job offers, victims get MiniJunk backdoor and MiniBrowse stealer Suspected Iranian government-backed online attackers have expanded their European cyber ops with fake job portals and new malware targeting organizations in the defense, manufacturing, telecommunications,…

Slashdot: Self-Replicating Worm Affected Several Hundred NPM Packages, Including CrowdStrike’s

Sep 20, 2025

—

by

Source URL: https://it.slashdot.org/story/25/09/20/0542237/self-replicating-worm-affected-several-hundred-npm-packages-including-crowdstrikes Source: Slashdot Title: Self-Replicating Worm Affected Several Hundred NPM Packages, Including CrowdStrike’s Feedly Summary: AI Summary and Description: Yes Summary: The Shai-Hulud malware campaign has affected numerous npm packages, including those maintained by CrowdStrike, via the injection of malicious scripts designed to steal developer credentials and exfiltrate sensitive information. The campaign highlights…

Simon Willison’s Weblog: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration

Sep 19, 2025

—

by