Author Archives: The Hacker News

Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtu… Continue reading SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access→

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace.

The extension in question is rwl.angular-console (version 18.95.0), a popular user i… Continue reading Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer→

In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server… Continue reading GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials→

Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave.

“The attack affects packages tied… Continue reading Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account→

INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects.
The initiative involved the efforts of 13 countries from the … Continue reading INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests→

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted… Continue reading ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More→

What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams unsure what was exposed, who else w… Continue reading How to Reduce Phishing Exposure Before It Turns into Business Disruption→

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and… Continue reading Developer Workstations Are Now Part of the Software Supply Chain→

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.
Topping the list is a critical flaw impacting Ivanti Xtraction (C… Continue reading Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws→

Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP.
The list of identified packages is below –

chalk-tempalte (825 Downloads)
… Continue reading Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware→