Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
The Hacker News

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...
Security Boulevard

Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...
TechJuice

Hackers Deploy SNOW Malware Suite via Microsoft Teams

A cyber group is impersonating IT helpdesk staff via Microsoft Teams to deploy malware and target corporate systems.
Hackaday

Encrypting Encrypted Traffic To Get Around VPN Bans

VPNs, Virtual Private Networks, aren’t just a good idea to keep your data secure: for millions of people living under ...

Dr. Oz and Oprah aren't backing 'pink gelatin' weight loss trick. Here's how to spot scam

Online ads and videos falsely tied public figures to a supposed gelatin-based weight loss method and related products such as ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Cybercriminals are tricking AI into leaking your data, executing code, and sending you to malicious sites. Here's how.