Fake npm Install Messages Conceal RAT Malware in New Open Source Supply Chain Attack
Fake npm install messages are the latest social engineering trick in the open source supply chain, with attackers abusing npm post‑install scripts to silentl...
Financial
20 articles
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectivel...
Node.js Releases Urgent Patches for Multiple Vulnerabilities Exposing Systems to DoS and Crashes
The Node.js project issued a critical security update for its Long-Term Support (LTS) branch, marking version 20.
ESET's Tony Anscombe on managing cyber risk as financially motivated attacks grow
ESET's Tony Anscombe discusses how ransomware gangs use EDR Killers to disable cybersecurity tools.
Why Passkeys Are Ready for Prime Time in Modern Banking - Ashish Jain - RSAC26 #3
TeamPCP supply chain attack hits LiteLLM PyPI package
Widely used open-source Python package LiteLLM has been targeted by the TeamPCP threat operation to facilitate extensive data compromise as part of its Trivy...
Illicit npm packages leverage bogus install logs for covert malware infections
Infosecurity Magazine reports that multiple malicious npm packages with downloader capability have shown bogus installation logs to stealthily inject cryptoc...
New Torg Grabber infostealer malware targets 728 crypto wallets
A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets. [.
Cloud Phones Linked to Rising Financial Fraud Threat
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts
2026 Cybersecurity Excellence Awards Winners Announced during RSA Conference as AI Security Dominates
San Francisco, USA, March 25th, 2026, CyberNewswire Cybersecurity Insiders today announced the winners of the 2026 Cybersecurity Excellence Awards during RSA...
Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars
A Russian national has been sentenced to 24 months in prison after admitting he managed a botnet used to launch ransomware attacks against dozens of U.S.
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft an...
Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android
Posted by Eric Lynch, Product Manager, Android and Dom Elliot, Group Product Manager, Google Play Modern digital security is at a turning point. We are on th...
Akamai Brand Guardian detects and removes AI-driven brand impersonation
Akamai has introduced Akamai Brand Guardian, an evolution of Brand Protector that uses AI to identify and manage brand impersonation at scale. Scammers are e...
Njordium AI blocks fake invoices and fraudulent payments
Njordium Cyber Group has launched its new AI Fraud Detection Module, a self-learning AI engine integrated into the recently released Vendor Management System...
TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign
Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers.
Say Easy, Do Hard - Crypto-Agility - BSW #440
AI-Driven ‘OpenClaw Trap’ Campaign Targets Developers and Gamers via Trojanized GitHub Repos
A large-scale malware operation abusing GitHub to deliver a custom LuaJIT-based trojan to developers, gamers, and everyday users through convincing but troja...
Five Malicious npm Packages Target Crypto Developers, Steal Wallet Keys via Telegram
Five malicious npm packages impersonating popular crypto libraries are stealing wallet keys from Solana and Ethereum developers and exfiltrating them directl...
Delinea's Phil Calvin on redefining identity security for the agentic AI era
Phil Calvin discusses Delinea's recent of acquisition of StrongDM.