This has now impacted more than 800 npm libraries

Live Updates: Sha1-Hulud, The Second Coming - Hundreds of NPM Packages Compromised

A new wave of the Shai-Hulud malware is compromising hundreds of npm packages and destroying user home directories. Get live updates and mitigation...

View quoted note →

"A cross-party group of lawmakers will urge the European Parliament to ditch internal use of Microsoft’s ubiquitous software in favor of a European alternative, according to a letter obtained by POLITICO."

Get us off Microsoft! Lawmakers press EU Parliament to change in-house IT. – POLITICO

watchTowr Labs has found thousands of secret tokens and credentials shared publicly on code formatting and beautification sites, such as JSONFormatter and CodeBeautify

watchTowr Labs

Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)

Welcome to watchTowr vs the Internet, part 68. That feeling you’re experiencing? Dread. You should be used to it by now. As is fast becoming an...

The Tor Project replaces the Tor relay encryption with a new algorithm named the Counter Galois Onion

Counter Galois Onion: Improved encryption for Tor circuit traffic | Tor Project

Tor is upgrading its relay encryption algorithm for improved security. In upcoming releases, Arti and Tor will both support a new encryption algori...

Some recent security conference videos: Troopers - Hexacon - Bsides Canberra - NYMJCSC - VirusBulletin -

A secretive unit inside Iran's IRGC cyber branch is responsible for using hacked data for assassination operations

Nariman Gharib Blog

Department 40 Exposed: Inside the IRGC Unit Connecting Cyber Ops to Assassinations

A massive leak of internal documents has blown the cover off one of Iran's most active hacking groups. For years, the cybersecurity community track...

افشای هویت مدیران «اداره ۴۰» اطلاعات سپاه؛بزرگترین بانک اطلاعاتی جاسوسی تهران

Shai-Hulud Returns: Over 300 NPM packages infected via fake Bun runtime within hours

HelixGuard

Supply chain security, vulnerability intelligence, and malware detection.

The Fairfax County Police Department is looking for help in identifying suspects part of a group that installed malware on ATMs to carry out jackpotting attacks

Fairfax County Police Department News

Detectives Ask for the Public’s Help Identifying ATM Jackpotting Suspects

Fair Oaks Police District –Detectives from our Financial Crimes Unit are actively investigating a series of ATM thefts after Apple Federal Credit...

AI company Factory has detected multiple threat actors abusing its free tiers to automate cyberattacks, including "at least one state‑linked actor."

Factory.ai

The Droid Wars: Breaking up an AI‑orchestrated cyber fraud campaign | Factory.ai

Over the course of several days in October we detected and disrupted a highly automated cyber operation that had attemp...

Security firm DoubleVerify has found SkyWalk, a network of iOS games that serve ads inside invisible windows. The malicious code was traced back to the UniSkyWalking iOS mobile framework

FRAUD ALERT: Fake Gaming Apps May Be Gaming Your Ads

Read DV