GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject…
Cyber Security
When Bots Outnumber Humans: The New Reality of Monitoring Web Traffic
In this post, we spoke with Todd Persen on when bots outnumber humans and the new reality of monitoring web…
⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing…
Attackers Abuse LiveChat to Phish Credit Card, Personal Data
A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.
Packing Smart for Adventure Travel: Food, Gear, and Style for the Road
In this post, I will talk about packing smart for adventure travel. Traveling to outdoor destinations often requires more preparation…
Influential Authors: Reputable Writers in Cybersecurity
In this post, I will show you the reputable writers in cybersecurity. Cybersecurity can seem overwhelming, but it’s an integral…
Why Security Validation Is Becoming Agentic
If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool…
ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information…
Goldshell E-DG1M: A High-Efficiency Scrypt Miner for Home and Small Farms
If you’re serious about Litecoin (LTC), Dogecoin (DOGE), or other Scrypt-based cryptocurrencies, the Goldshell E-DG1M is a game-changer. Combining high…
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according…