SecurityScorecard just swallowed Driftnet, a move signaling an aggressive push to fortify defenses against the ever-growing threat of supply-chain attacks.
Forget movie-style truck hijackings. The new frontier of cargo crime is digital, employing the very same playbook as sophisticated ransomware gangs. Millions in goods are vanishing.
Attackers are now using AI to discover zero-day vulnerabilities and craft sophisticated malware. This isn't theoretical; it's happening now, and real people are in the crosshairs.
It’s an ironic twist: a new malware campaign is actively removing signs of rival hackers, only to replace them with its own malware and pilfer sensitive credentials from cloud environments.
The days of worrying about minor npm annoyances are long gone. A chilling new breed of self-replicating malware is reshaping the threat landscape, turning the developer's trusted toolkit into a weapon.
We all figured Axios was untouchable, that rock-solid HTTP client millions rely on. But hackers didn't crack code—they conned humans, at industrial scale.
Everyone figured it'd be a quiet week post-patches. Instead, scams hijacked dream jobs, AI sparked bot wars, and supply chains took fresh hits—shifting how we guard credentials and code.
Your next SMS from 'IT support' could hand hackers your company's keys. 0ktapus just proved MFA is no silver bullet, snaring thousands in a slick Okta phishing blitz.
Your next PyPI download could hand hackers your cloud keys. TeamPCP's blending supply chain hacks with extortion gangs, turning dev tools into ransomware launchpads.