A recent supply chain attack on the npm package @lottiefiles/lottie-player exploited compromised developer access tokens to publish malicious versions, leading to unauthorized withdrawals from users’ crypto wallets.
The ransomware landscape in Q3 2024 saw a significant increase in successful attacks, with RansomHub emerging as the most active group and a notable rise in incidents linked to vulnerabilities in VPNs and weak passwords.
Organizations must adopt robust frameworks for third-party risk management to mitigate the rising threats of supply chain attacks, emphasizing the importance of independently validating the security of commercial software.
A staggering 77% of Black Friday-themed spam emails in 2024 were identified as scams, with cybercriminals targeting consumers through sophisticated phishing tactics and impersonation of trusted brands, leading to projected losses of $11 billion in the US alone.
The manufacturing sector has seen a significant rise in advanced email attacks, including phishing and business email compromise, with notable financial losses reported due to these sophisticated cyber threats.
Recent discoveries have identified two new Linux backdoors, WolfsBane and FireWood, attributed to the Gelsemium APT group, marking a significant shift in their operational strategy towards targeting Linux systems.
