ShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates
Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. If you installed a Shaped...
20 articles
Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. If you installed a Shaped...
Indian manufacturer Tata Electronics said a recent cybersecurity incident had "no impact" on operations. A cybercrime group had said it stolen confidential d...
Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official releas...
Ransomware case reveals two parallel threat actors, blending tactics and evasion—showing why isolated signals can often miss modern, overlapping cyberattacks...
A malicious npm package, postcss-minify-selector-parser, has been discovered masquerading as a benign PostCSS utility and delivering a multi-stage Windows re...
North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft security researchers
The LACUNA Chain’s “Ghost Frames” technique introduces a new method for manipulating call stacks that effectively bypasses modern Endpoint Detection and Resp...
At Zenith Live 2026 held on 16-17 June in Vienna, Zscaler sharpened a reality that Southeast Asia CIOs and CISOs are already sensing, which are, AI agents ar...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A hardware neural network backdoor that hides in plain sigh...
Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet,...
Texas Cyber Command has disclosed a massive third-party data breach affecting the Texas Parks and Wildlife Department (TPWD), exposing the personal records o...
FortiBleed exposed a massive campaign that made billions of login attempts against Fortinet VPNs, compromising organizations worldwide. FortiBleed wasn’t a t...
AI-powered attacks are the biggest cybersecurity concern among security professionals. Forty-one percent identified AI-powered attacks at scale as their bigg...
The hackers exfiltrated data from Salesforce instances of Klue customers, such as Huntress and Recorded Future. The post Cybersecurity Firms Impacted by Klue...
A supply-chain style compromise in the Okendo Reviews widget that enabled the SmartApeSG threat actor to deliver staged JavaScript loaders across a wide e-co...
Accenture is expanding its position with the acquisition of a majority stake in Dragos and all of runZero and NetRise to deliver end-to-end operational techn...
INC has matured from an emerging RaaS operation into one of 2026’s most active ransomware families, claiming more than 800 victims since 2023 and capitalizin...
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infoste...
The consulting giant’s majority stake in Dragos, along with the purchase runZero and NetRise, marks its first major push into operational technology software...
The deal values industrial cybersecurity giant Dragos at $3.25 billion, and runZero and NetRise will operate under Dragos.