A man already serving a federal prison sentence has been charged with allegedly stealing and laundering cryptocurrency that had been forfeited to the United States.
Microsoft details GigaWiper, a destructive Windows backdoor that can wipe disks, encrypt files and give attackers remote access to compromised systems globally.
The researcher known as "Nightmare-Eclipse" published a proof-of-concept (PoC) exploit for the Windows Defender vulnerability in early June after dropping several other Microsoft zero-days.
Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node Package Manager (npm) that stole cryptocurrency wallet private keys and mnemonic seed phrases. [...]
Security researchers at Wiz have disclosed GhostApproval, a vulnerability pattern affecting several major AI coding assistants and exposing a trust-boundary problem between developers, AI agents, and the local filesystem.
Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API.
"Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging GitHub 'ghost' accounts that are often years old, or compromised OAuth tokens and personal
A threat actor using the alias Monkeydance claims to have breached the Thepha District Public Health Office, a local health authority in Thailand operating under the Ministry of Public Health.