#The Hacker News

Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind a new wave of attacks that compromised 14 downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations, illustrating the adversary's continuing interest in targeting the supply chain via the "compromise-one-to-compromise-many"

Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versions of a time and billing system called BillQuick that's being actively exploited by threat actors to deploy ransomware on vulnerable systems. CVE-2021-42258, as the flaw is being tracked as, concerns an SQL-based injection attack that allows for remote code execution and was successfully

The iPhone of New York Times journalist Ben Hubbard was repeatedly hacked with NSO Group's Pegasus spyware tool over a three-year period stretching between June 2018 to June 2021, resulting in infections twice in July 2020 and June 2021. The University of Toronto's Citizen Lab, which publicized the findings on Sunday, said the "targeting took place while he was reporting on Saudi Arabia, and

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining and password-stealing malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that were found to mimic the same library. <!--adsense--> The supply-chain attack targeting the open-source

Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the tool in the wild in

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that were found to mimic the same library. <!--adsense--> The supply-chain attack targeting the open-source library saw three

The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what's the latest action taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by Reuters, quoting multiple private-sector cyber experts working with the

The financially motivated FIN7 cybercrime gang has masqueraded as yet another fictitious cybersecurity company called "Bastion Secure" to recruit unwitting software engineers under the guise of penetration testing in a likely lead-up to a ransomware scheme. "With FIN7's latest fake company, the criminal group leveraged true, publicly available information from various legitimate cybersecurity

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to remove three rogue packages that were found to mimic the same library. <!--adsense--> The supply-chain attack targeting the open-source library saw three

Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems. The malicious packages in question — named okhsa, klow, and klown — were published by the same