CSO Online

Bitwarden CLI password manager trojanized in supply chain attack

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
The Hacker News

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
Hosted on MSN

Python tricks every cybersecurity pro should know

Python has emerged as a trusted ally for cybersecurity teams thanks to its ease of use, adaptability, and wide range of libraries. From building quick prototypes to automating repetitive checks, it ...
Hosted on MSN

Level up your Python skills for certifications

Python is now central to many IT certifications, from penetration testing to advanced programming. Its broad capabilities make it valuable for cybersecurity, automation, and software development. With ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

Fake Windows update installs hidden malware

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...