@phongxuan

New npm supply-chain attack self-spreads to steal auth tokens

20h ago · 3 min read · A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts. The threat was spotted by researchers at application securit...

Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process

20h ago · 6 min read · * Fraudulent phone calls have become a daily reality for millions of people worldwide. From fake law enforcement officials to bank representatives and impersonated tech support agents, victims are increasingly targeted through direct, real-time conve...

CISA flags new SD-WAN flaw as actively exploited in attacks

1d ago · 2 min read · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given government agencies four days to secure their systems against another Catalyst SD-WAN Manager vulnerability it flagged as actively exploited in attacks. Catalyst SD-WAN Manage...

UK probes Telegram, teen chat sites over CSAM sharing concerns

1d ago · 2 min read · Ofcom, the United Kingdom's independent communications regulator, has launched an investigation into Telegram based on evidence suggesting it's being used to share child sexual abuse material (CSAM). The was launched under the UK's Online Safety Act...

British Scattered Spider hacker pleads guilty to crypto theft charges

2d ago · 3 min read · A British man, believed to be the leader of the Scattered Spider cybercrime collective, has pleaded guilty in the United States to charges of wire fraud and aggravated identity theft. In November 2024, U.S. prosecutors 24-year-old Tyler Robert Bucha...