GovInfoSecurity

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
Bleeping Computer

CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool

A new threat actor known as CRYSTALRAY has significantly broadened its targeting scope with new tactics and exploits, now counting over 1,500 victims whose credentials were stolen and cryptominers ...

Payouts King ransomware uses QEMU VMs to bypass endpoint security

The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on ...