Cybersecurity researchers have uncovered a large-scale attack targeting the npm ecosystem, compromising 16 popular React Native packages with a combined download count exceeding one million […]
Cloud assets have 115 vulnerabilities on average — some several years old
Companies are having a hard time keeping their cloud infrastructure secure and the race to adopt and integrate AI services into their apps and workflows […]
Critical Salesforce Vulnerability Exposes Global Users to SOQL Injection Attacks
In June 2025, a security researcher uncovered a critical SOQL (Salesforce Object Query Language) injection vulnerability in a default Salesforce Aura controller, affecting potentially thousands […]
HelloTDS Malware Spread via FakeCaptcha Infrastructure Infects Millions of Devices
In a Gen Threat Labs, a complex Traffic Direction System (TDS) dubbed “HelloTDS” has been uncovered, orchestrating the delivery of FakeCaptcha and other malicious campaigns […]
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of […]
OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups
OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups […]
Kimsuky Strikes Again – Coordinated Attacks Target Facebook, Email, and Telegram
A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat […]
Kali GPT-Revolutionizing Penetration Testing with AI on Kali Linux
In the rapidly shifting digital world, cybersecurity professionals are constantly seeking innovative tools that not only streamline workflows but also empower users with deeper insights […]
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via a change […]
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for […]