Infosecurity News
Supply Chain Attack Targets Key Ethereum Development Tools
A new supply chain attack targets Ethereum tools, exploiting npm packages to steal sensitive data
New PhishWP Plugin Enables Sophisticated Payment Page Scams
The PhishWP plugin enables scammers to create fake payment pages, stealing sensitive data via Telegram
Chinese Hackers Double Cyber-Attacks on Taiwan
Taiwan’s security service said government networks faced 2.4 million attacks in 2024, most of which are attributed to Chinese state actors
New Infostealer Campaign Uses Discord Videogame Lure
Threat actors are tricking victims into downloading malware with the promise of testing a new videogame
Scammers Drain $500m from Crypto Wallets in a Year
Scam Sniffer claims that threat actors used wallet drainers to steal $494m from victims in 2024
US Sanctions Chinese Cybersecurity Firm for Global Botnet Attacks
The US government said that China based firm Integrity Technology Group provided infrastructure for Flax Typhoon to attack multiple US targets
Atos Group Denies Space Bears' Ransomware Attack Claims
Atos Group has denied the ransomware group Space Bears' claims of compromising its database, calling the allegations unfounded
Crypto Boss Extradited to Face $40bn Fraud Charges
Former Terraform CEO Do Hyeong Kwon is now in the US facing federal fraud charges
DDoS Disrupts Japanese Mobile Giant Docomo
Docomo has revealed a DDoS attack on Thursday took down key services
Web3 Attacks Result in $2.3Bn in Cryptocurrency Losses
The amount of crypto stolen in the Web3 ecosystem rose by 31.6% compared to 2023, with phishing the most costly attack vector
Apple Agrees $95M Settlement Over Siri Privacy Violations
Apple has agreed to a $95m settlement in a class action lawsuit alleging Siri privacy violations, with eligible users receiving up to $20 per Siri-enabled device
US Confirms Russian GenAI Disinformation Op Targeted Election
The US government has sanctioned Russian state-affiliated entity CGE, which used a vast GenAI infrastructure to spread disinformation during the US Presidential election
Global Campaign Targets PlugX Malware with Innovative Portal
Sekoia’s innovative PlugX malware disinfection campaign removed active threats across ten countries
New DoubleClickjacking Attack Bypasses Protections
DoubleClickjacking bypasses X-Frame-Options and SameSite cookies in double-click sequences, exposing UI authentication flaws
HIPAA Rules Update Proposed to Combat Healthcare Data Breaches
The US government has set out proposals to increase security obligations on healthcare providers to protect patient data amid surging cyber-attacks in the sector
Hackers Leak Rhode Island Citizens' Data on Dark Web
The State of Rhode Island has confirmed that cybercriminals have begun publishing data stolen from its social services portal, the RIBridges system
Dozens of Chrome Browser Extensions Hijacked by Data Thieves
Over 2.5 million end users are at risk as researchers discover 36 compromised Chrome extensions
US Treasury Computers Accessed by China in Supply Chain Attack
Chinese hackers appear to have compromised Treasury machines via a trusted third party
Majority of UK SMEs Lack Cybersecurity Policy
Insurance firm Markel Direct found that 69% of UK SMEs lack a cybersecurity policy, with a significant lack of basic cybersecurity measures in place across these firms
CISA's 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration
The US Cybersecurity and Infrastructure Security Agency’s 2024 Year in Review marks Jen Easterly’s final report before resignation
