Search results for: “network security”

North Korea’s ‘Contagious Interview’ Malware Delivery
North Korean threat actors in the “Contagious Interview” campaign are now using JSON storage services to host and deliver malicious payloads, signaling an evolving strategy to evade detection and maintain persistence.

What is Operation Endgame?
Operation Endgame is a major international law enforcement initiative aimed at disrupting and dismantling significant cybercrime infrastructure globally, targeting widespread malware families, botnets, and other illicit tools.

What is Rhadamanthys Infostealer?
Rhadamanthys Infostealer compromises digital security by illicitly acquiring sensitive user data. This sophisticated malicious software operates as a Malware-as-a-Service (MaaS), posing a significant threat to individuals and organizations. It facilitates widespread credential theft and financial exploitation. This report examines Rhadamanthys’ operational mechanisms, its propagation methods, and the broader implications of its activities, including recent efforts…

Understanding Package Registry Flooding
Package registry flooding is a cyberattack where threat actors overwhelm software package repositories with fake entries to hide malicious content, erode trust, and create vulnerabilities in the software supply chain. This article details its operation, impact, and mitigation strategies.

Digital Services Act (DSA)
The European Union (EU) introduced the Digital Services Act (DSA) to establish a secure, accountable online environment. The DSA, alongside the Digital Markets Act (DMA), safeguards users’ fundamental rights and fosters a competitive landscape within the European Single Market and globally.

What is an npm Worm?
An npm worm is a self-propagating campaign that exploits the npm registry by distributing fake or deceptive software packages to flood the registry. These financially motivated campaigns often use automated means, deceptive naming schemes, and self-propagating mechanisms to proliferate and obscure legitimate packages within the software supply chain, posing a significant risk to its integrity…

What is CitrixBleed 2 (CVE-2025-5777)?
CitrixBleed 2 (CVE-2025-5777) is a critical information-disclosure vulnerability impacting NetScaler ADC and Gateway systems, allowing unauthorized attackers to bypass MFA, hijack admin sessions, and establish unauthorized VDE sessions. This zero-day was exploited by an unnamed APT group before a patch was released.

FPV Drones in Modern Warfare
Explore the critical role of First-Person View (FPV) drones in modern warfare, their tactical superiority, and their impact on cyber and electronic warfare, including training and counter-drone measures.

Global Fraud Rings Explained
Global fraud rings are highly organized, transnational criminal enterprises that use intricate networks and sophisticated tactics to illicitly acquire money, assets, or sensitive information from individuals, corporations, and national economies across international borders.

CitrixBleed: Critical Flaw Leads to Session Hijacking and MFA Bypass
CitrixBleed is a critical information-disclosure vulnerability affecting Citrix NetScaler ADC and Gateway systems. Attackers exploit this flaw to steal session tokens, hijack user sessions, and bypass multi-factor authentication, leading to data breaches, system compromise, and digital espionage by APT groups and cybercriminals.
