North Korea targets macOS users in latest heist

North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Homeland Security Today

Supply Chain Compromise Impacts Axios Node Package Manager , CISA Alert Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...
Crowdfund Insider

Blockchain Analytics Firm Nansen Enhances Onchain Data Access with Pay-Per-Call Model

Nansen noted that in the ecosystem of blockchain analytics, traditional access models have long frustrated developers and ...
Dark Reading

North Korea Uses ClickFix to Target macOS Users' Data

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...
Bitdefender

AgingFly malware hits local authorities and hospitals in Ukraine

CERT-UA links the AgingFly credential-stealing campaign to phishing, browser theft, and modular remote access.

Mac Script Editor becomes new entry point for ClickFix malware

ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest protections and streamlines the attack.

New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...
Computer Weekly

North Korean social engineering campaign targets MacOS users

A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by ...
Decrypt

Foundry Launches Zcash Mining Pool Alongside Industry-Leading Bitcoin Pool

The world's largest Bitcoin mining pool operator expands into the privacy-focused Zcash token with rapid network adoption.
InfoWorld

Claude Code is still vulnerable to an attack Anthropic has already fixed

The leak of Claude Code’s source is already having consequences for the tool’s security. Researchers have spotted a vulnerability documented in the code.

Operant AI Launches CodeInjectionGuard to Defend AI Agents Against Runtime Code Injection Attacks

Operant AI builds runtime security for AI agents, defending autonomous systems at the point of execution where static analysis and pre-deployment scanning cannot reach. Agent Protector provides ...