Kaspersky’s Global Research and Analysis Team (GReAT) discovered an active supply chain attack targeting the official website of Daemon Tools, a widely used virtual drive emulation software. The compromised installer delivers malicious
Tenable Research has identified a critical vulnerability (CVSSv4 9.3) in a Microsoft GitHub repository that allowed for Remote Code Execution (RCE) and unauthorized access to repository secrets. This disclosure highlights that CI/CD
Identity attacks are on the rise — login locations a red flag What’s happening? Identity-based threats continue to rise — particularly those involving anomalous logins using stolen credentials (see SOC Threat Radar
Kaspersky Global Research and Analysis Team (GReAT) researchers have discovered that attackers behind the Notepad++ supply chain compromise targeted a government organization in the Philippines, a financial institution in El Salvador, an
Tenable Research investigated a malicious package in the npm public registry named “amber-src” that underscores the rapid nature of modern supply chain attacks. The package, which was downloaded approximately 50,000 times before
Kaspersky has detected a new malware for Android devices that it dubbed Keenadu. This malware is distributed in multiple forms – it can be preinstalled directly into devices’ firmware, embedded within system
