Feb 01, 2025Ravie LakshmananVulnerability / Zero-Day BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to … Read more
WhatsApp accounts compromised by Cyber Criminals: The latest Whatsapp Phishing attack highlights the growing sophistication of phishing campaigns, particularly those targeting organisations with a high volume of sensitive data or a role in international affairs. Star Blizzard’s WhatsApp phishing tactic demonstrates technical ingenuity and a deep understanding of human behaviour, exploiting trust in familiar platforms … Read more
In a supply chain attack that was first detected on Dec. 25, several Chrome extensions were compromised after a Cyberhaven employee was tricked by a phishing email that stole the worker’s credentials to the Google Chrome Web Store. A Dec. 27 blog post by Cyberhaven explained the attacker used these credentials on Dec. 24 to … Read more
Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of … Read more
Japanese electronics giant Casio has confirmed that a ransomware attack earlier this month resulted in the theft of customer data. Casio first confirmed on October 7 it had been hit by a cyberattack, but at the time did not reveal the nature of the incident that caused unspecified “system disruption” across the company. In an … Read more
