Moonstone Sleet, a North Korea-linked threat actor, distributes malicious npm packages targeting Windows systems, highlighting the ongoing cyber threat posed by North Korean threat actors.
The White House and ECCouncil have teamed up to invest $15 million in training programs to address the global cybersecurity workforce gap, aiming to train over 50,000 students in cybersecurity skills such as ethical hacking and network defense.
Security researchers have discovered a critical pre-authentication remote code execution vulnerability in Apache OFBiz, allowing threat actors to execute remote code without authentication.
A flaw in Rockwell Automation’s controllers allows threat actors to bypass security features and gain unauthorized access to industrial control systems.
Security researchers have identified vulnerabilities in Windows Smart App Control and SmartScreen features, allowing attackers to bypass security checks and gain access to systems since 2018.
Security researchers have identified StormBamboo as a China-linked APT group responsible for compromising an ISP through a supply chain attack involving DNS poisoning.
