SecurityWeek

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

The China-linked APT GopherWhisper has been using legitimate services and various Go-based backdoors in attacks.

New BlackFile extortion group linked to surge of vishing attacks

A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks ...
The Hacker News

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

Tropic Trooper used trojanized SumatraPDF and GitHub C2 in 2024 to deploy AdaptixC2, enabling covert VS Code tunnel access.
ITWeb

Practical tech skills that actually boost employability in 2026

Employers increasingly prioritise experience, portfolios and applied skills over formal degrees alone, says Robin Ramokgadi, ...
SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
CSO Online

Bitwarden CLI password manager trojanized in supply chain attack

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised ...
The Hacker News

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Cybercriminals are tricking AI into leaking your data, executing code, and sending you to malicious sites. Here's how.
CSO Online

NFC tap-to-pay gets tapped by hackers

Attackers are abusing a modified Android NFC app to steal payment card data and PINs for contactless fraud and ATM cash-outs.