News
Megalodon Supply Chain Attack: TeamPCP Compromises 5,561 GitHub Repositories via Malicious CI/CD Workflows
52+ min ago (641+ words) A sophisticated and highly automated supply chain attack, designated as the Megalodon campaign, has compromised 5,561 public GitHub repositories by injecting malicious CI/CD…
ShinyHunters Launches Second Major Attack on Instructure Canvas LMS via Free-For-Teacher Accounts: May 2026 Breach Analysis and Mitigation
2+ week, 3+ hour ago (153+ words) Indicators of Compromise (IOCs): ShinyHunters published a list of affected institutions and a data leak site, both of which are only accessible from sandboxed environments and require caution. No malware hashes or other technical artifacts have been published. The…
Poland Water Treatment Plants ICS Breached by Russian and Belarusian APTs: 2025 Attack Exposes Critical Infrastructure Security Gaps | Rescana
2+ week, 3+ hour ago (475+ words) Technical Evidence: According to the ABW report and corroborating media sources, attackers accessed administrator accounts and altered settings linked to pumps and alarms. In several cases, they could modify device operating parameters in real time, creating a direct and concrete…
Supply Chain Attack: Fake OpenAI Repository on Hugging Face Distributes Infostealer Malware Targeting Developers and AI Tools
2+ week, 3+ hour ago (595+ words) Cybersecurity researchers uncovered a sophisticated supply chain attack leveraging a fake OpenAI repository on the Hugging Face platform to distribute…
NVIDIA GeForce NOW Data Breach: Armenian Users' Personal Information Exposed via GFN.am Partner System | Rescana
2+ week, 3+ hour ago (373+ words) There is no evidence of impact to NVIDIA's operations in other countries managed by GFN.am, such as Azerbaijan, Georgia, Kazakhstan, Moldova, Ukraine, or Uzbekistan. The breach is confined to Armenian users, and no spillover to other sectors or geographies…
Vimeo Data Breach 2026: ShinyHunters Exploit Anodot Integration to Expose 119,000 User Records via Snowflake and BigQuery
2+ week, 4+ day ago (430+ words) The breach did not compromise uploaded video content, account credentials (such as passwords), or payment card information. Vimeo's operational systems remained unaffected, and there was no disruption to platform services. The attackers, ShinyHunters, subsequently listed Vimeo on their extortion portal…
LeakNet Ransomware Exploits ClickFix via Compromised Websites to Attack Windows Environments with Deno In-Memory Loader
2+ mon, 6+ day ago (361+ words) The emergence of the LeakNet ransomware campaign marks a significant escalation in the sophistication of ransomware operations targeting enterprise environments. This campaign leverages the ClickFix social engineering technique to gain initial…
Intuitive Surgical Administrative Network Breach: 2026 Phishing Attack Exposes Employee and Customer Data
2+ mon, 6+ day ago (395+ words) The technical evidence supporting these findings is of high quality, as all claims are corroborated by official statements and independent media reports. However, the absence of forensic details, such as logs or malware samples, limits the depth of technical analysis....
EU Sanctions on Chinese and Iranian Firms: Raptor Train Botnet, SMS Service, and Olympic Billboard Cyberattacks Targeting European Critical Infrastructure
2+ mon, 6+ day ago (319+ words) The Council of the European Union's sanctions are the result of a multi-year investigation into coordinated cyberattacks attributed to Chinese and Iranian entities. The technical evidence, corroborated by law enforcement and independent security researchers, details the methods, tools, and impact…
Starbucks Partner Central Data Breach Exposes Sensitive Employee Information in Credential Phishing Attack
2+ mon, 1+ week ago (705+ words) The attack did not involve malware deployment or exploitation of technical vulnerabilities within the Partner Central platform itself. Instead, it relied entirely on social engineering and the absence of phishing-resistant multi-factor authentication (MFA). The attackers' use of valid credentials allowed…