Homeland Security Today

Supply Chain Compromise Impacts Axios Node Package Manager , CISA Alert Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...

North Korea targets macOS users in latest heist

North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Crowdfund Insider

Blockchain Analytics Firm Nansen Enhances Onchain Data Access with Pay-Per-Call Model

Nansen noted that in the ecosystem of blockchain analytics, traditional access models have long frustrated developers and ...

Operant AI Launches CodeInjectionGuard to Defend AI Agents Against Runtime Code Injection Attacks

Operant AI builds runtime security for AI agents, defending autonomous systems at the point of execution where static analysis and pre-deployment scanning cannot reach. Agent Protector provides ...
Dark Reading

North Korea Uses ClickFix to Target macOS Users' Data

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...
Bitdefender

AgingFly malware hits local authorities and hospitals in Ukraine

CERT-UA links the AgingFly credential-stealing campaign to phishing, browser theft, and modular remote access.

Mac Script Editor becomes new entry point for ClickFix malware

ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest ...

New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...

Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall

Autonomous SOC agents now shipping can rewrite firewall rules and modify IAM policies — outpacing the governance frameworks ...
Computer Weekly

North Korean social engineering campaign targets macOS users

A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by ...
InfoWorld

Claude Code is still vulnerable to an attack Anthropic has already fixed

The leak of Claude Code’s source is already having consequences for the tool’s security. Researchers have spotted a vulnerability documented in the code.