News

Infosecurity Magazine

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
Infosecurity Magazine

A Quarter of UK and US Firms Suffer Data Poisoning Attacks

British and American cybersecurity leaders are increasingly concerned about their expanding AI attack surface, particularly ...
Infosecurity Magazine

FileFix Campaign Using Steganography and Multistage Payloads

A rare in-the-wild FileFix campaign has been observed by cybersecurity researchers, which hides a second-stage PowerShell ...
Infosecurity Magazine

Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution

A trio of critical vulnerabilities in the Chaos-Mesh platform allow in-cluster attackers to run arbitrary code, even in ...
Infosecurity Magazine

Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites

Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 ...
Infosecurity MagazineOpinion

Vibe Coding: Managing the Strategic Security Risks of AI-Accelerated Development

For security leaders and development executives, vibe coding represents a strategic risk that requires proactive governance ...
Infosecurity Magazine

TaskUs Employees Behind Coinbase Breach, US Court Filing Alleges

An employee of outsourcing firm TaskUs allegedly sold data stolen during the Coinbase data breach to hackers for $200 per record before her arrest in January 2025 ...