Tag: #DataBreach
Cybercriminals are disguising fake password managers as legitimate apps to deliver LastPass malware through fraudulent GitHub repositories. The attack targets macOS users with ClickFix attacks, tricking them into pasting malicious commands into Terminal. At the center of this campaign is AMOS malware (Atomic Stealer), a dangerous macOS malware designed to steal passwords, banking data, and […]
A major npm supply chain attack has compromised more than 40 Node Package Manager (npm) packages, injecting a malicious script called bundle.js to steal sensitive developer credentials. According to security researchers, the campaign, dubbed the Shai-Hulud attack, uses the open-source tool TruffleHog (TruffleHog Secret Scanner) to extract secrets such as GitHub personal access tokens, Node […]
The 2025 Verizon DBIR (Data Breach Investigations Report) highlights a growing truth: cybercriminals don’t care about company size. Whether it’s a global enterprise or a local retailer, attackers are using the same techniques—ransomware, stolen credentials, phishing—across the board. For small- and medium-sized businesses (SMBs), the consequences are often worse because defenses are weaker, budgets are […]