Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization withi… Continue reading Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

Posted in Uncategorized

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with c… Continue reading Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

Posted in Uncategorized

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions.
Of the three, two are rated Critical in sever… Continue reading Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

Posted in Uncategorized

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. 
The vulnerability in question is … Continue reading Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

Posted in Uncategorized