20 articles
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of d...
If you’re in IT, you know: what we don’t measure puts business resilience at risk. In the face of rising threat volumes, scaling complexity, and board-level ...
Li Xiong was the head of Huione Group, whose branded entities at one time included an online banking arm, cryptocurrency exchange and online marketplace whic...
A paper published by Google indicates that a quantum computer with 500,000 qubits could be used to steal cryptocurrency, a significantly lower threshold than...
The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the wo...
Google links the Axios npm supply chain attack to North Korean threat group UNC1069, targeting financial gain. Google has attributed the recent Axios npm sup...
Jonathan Spalletta exploited smart contract vulnerabilities to steal approximately $55 million in cryptocurrency and cause Uranium to shut down. The post US ...
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration
A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe to deliver Windows banking trojans lik...
The stealer persists on the victim’s machine and immediately exfiltrates data with no local staging.
Hackers are increasingly targeting hotel booking workflows to trick travelers into handing over payment details, using a technique that blends real reservati...
Post-quantum cryptography explained, risks of quantum attacks, and steps to secure data, systems, and infrastructure for a quantum-resilient…
Most UK manufacturers compromised last year suffered financial loss, says ESET
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster t...
Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financia...
Payment fraud has industrialized, and that's a defensive advantage. Learn how standardized attack infrastructure creates detectable patterns that financial i...
Ukrainian government entities, healthcare providers, financial providers, security firms, educational institutions, and software development companies have b...
Google’s latest research suggests the cryptocurrency industry may have less time than expected to prepare for quantum computing. In a whitepaper, Google exam...
U.S.
Spalletta is accused of exploiting vulnerabilities in Uranium Finance's smart contracts on two separate occasions in April 2021.