Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan

In July 2024, Trend Micro disclosed the TIDRONE campaign, in which threat actors targeted Taiwan’s military and satellite industries. During their investigation, Trend Micro researchers discovered that multiple compromised entities were using the same enterprise resource planning (ERP) software. This Read More …

Hundreds of top ecommerce sites under attack following Magento supply chain flaw

Hundreds of ecommerce websites, including at least one major player, behemoth, have been compromised after poisoned Magento extensions woke up from a six-year slumber. Cybersecurity researchers Sansec discovered the supply chain attack after one of its clients was targeted, ultimately Read More …

Over 1.6 million customers now hit in massive insurance data breach

More than 1.6 million people are now thought to have been affected by the May 2024 cyberattack at Landmark Admin, twice as many as originally thought. The company confirmed the news in an updated report filed with the Office of Read More …

Hertz Data Breach Included Credit Card, Personal Data

The car-rental company Hertz is warning its customers that a data breach exposed personal information including driver’s licenses, credit-card data, contact information and in some cases social security or passport numbers. The company said that hackers breached Cleo Communications, a Read More …

ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains

In this blog entry, Trend Micro researchers look at overly permissive cloud service credentials in Microsoft’s public-facing assets and assess their potential implications on software supply chain and software integrity. We do this by exploring two scenarios involving PC Manager, Read More …

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware

Slow Pisces (aka Jade Sleet, TraderTraitor, PUKCHONG) is a North Korean state-sponsored threat group primarily focused on generating revenue for the DPRK regime, typically by targeting large organizations in the cryptocurrency sector. This article analyzes their campaign that we believe Read More …

Critical Security Incident involving GitHub Action tj-action/changed-files

A critical security incident involving the tj-actions/changed-files GitHub Action has been reported. The changed-files action, which allows GitHub repositories to track file changes, has been tampered with to allow the exposure through GitHub Actions build logs of CI/CD secrets, including Read More …

Bank Of America Alerts Customers To Data Breach, Offers Identity Theft Protection For Affected Accounts

The Bank of America has alerted a small group of its customers about a data breach that may have exposed confidential information. The breach, which took place on December 30, was a result of improper handling of confidential documents by Read More …

New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild during routine threat hunting. Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, Read More …

Japanese telco giant NTT Com says hackers accessed details of almost 18,000 organizations

Japanese telecom giant NTT Communications (NTT Com) has confirmed that hackers accessed the data of almost 18,000 corporate customers during a February cyberattack, affecting an as-yet-unknown number of individuals. The Tokyo-based NTT Com, which provides phone and network tech to Read More …