A Tale of Two Ransomware-as-a-Service Threat Groups

Ransomware distributors are bad enough, but there should be a special place in the dark web's basement that only offers ISDN connections and no Wi-Fi, reserved for those groups that insist their attack was a benign cybersecurity service or those who only attack entities that they say deserve to be struck, at least based on their logic.

Investigating The Nx "s1ngularity" Attack: What GitGuardian Uncovered And How You Can Stay Safe

Discover the chilling details of the Nx “s1ngularity” supply chain attack. On August 26, 2025, the massively popular Nx npm package, with millions of weekly downloads, was compromised with credential‑harvesting malware.

China's Cyber Strategy Exposed

Chinese cyber operations aren’t random hacks; they are part of a broader geopolitical competition for information, economic advantage, and strategic influence. Every operation ties back to China’s long-term national objectives. Mei Danowski, Co-Founder of Natto Thoughts Online Publication, explains how these attacks serve national objectives and why cybersecurity defenders must adapt.

8 Malicious npm Packages Deliver Multi-Layered Chrome Browser Information Stealer

Open-source software repositories have become one of the main entry points for attackers in supply chain attacks, with growing waves of packages that use typosquatting and masquerading to pose as legitimate ones. The JFrog Security Research team regularly monitors open-source software repositories using advanced automated tools in order to detect malicious packages.

Malicious Screen Connect Campaign Abuses AI-Themed Lures for Xworm Delivery

During a recent Advanced Continual Threat Hunt (ACTH) investigation, the Trustwave SpiderLabs Threat Hunt team identified a deceptive campaign that abused fake AI-themed content to lure users into executing a malicious, pre-configured ScreenConnect installer.

The Business of Malware: Inside the MaaS Economy

In our 2025 State of the Underground report, we found that 384 unique varieties of malware were sold across the top three criminal forums in 2024, a 10% increase from 349 in 2023, signifying an expansion in the underground malware marketplace. These figures reflect malware explicitly offered for sale (not shared freely), and each distinct version or naming variation is counted independently.

Investigating the Oyster Backdoor Campaign and its Targeting of IT Professionals

BlueVoyant investigated the latest Oyster malware attacks, delivered in a widespread campaign targeting IT professionals by impersonating legitimate IT tools. The campaign was originally discovered by outside researchers, but when BlueVoyant’s SOC observed suspicious behavior in a client environment within the healthcare sector, the team, including the Threat Fusion Cell (TFC), decided to delve deeper.

Five-Year Plans, Forever Wars: China's Blueprint for Cyber Dominance

Chinese state-backed cyber operations are often misunderstood as a single, centrally controlled machine. In reality, they are fragmented, diverse, and strategically aligned with China’s national objectives, from economic development to critical infrastructure positioning. In this episode of Data Security Decoded, join Caleb Tolin as he sits down with Mei Danowski, Co-Founder of Natto Thoughts and expert in geopolitical intelligence, to explore how China’s cyber ecosystem operates and how it is shaped by cultural, political, and economic structures.