Tag: access
-
WhatsApp on Windows users targeted in new campaign, warns Microsoft
Microsoft warns WhatsApp on Windows users about an ongoing campaign that tries to gain permanent access to your machine First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/whatsapp-on-windows-users-targeted-in-new-campaign-warns-microsoft/
-
Manufacturing & Healthcare Share Struggles with Passwords
The two key economic sectors struggle with security for a reason: Many insiders view access management as a roadblock, while attackers see it as a way in. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/manufacturing-and-healthcare-share-struggles-with-passwords
-
Backdooring of JavaScript Library Axios Tied to North Korea
Expect Fallout After Remote Access Trojan Added to Popular JavaScript NPM Package. A supply-chain attack backdoored versions of Axios, a popular JavaScript library that’s present in many different software packages, to distribute a cross-platform, remote access Trojan. Identifying the full fallout from the attack could take some time, experts warned. First seen on govinfosecurity.com Jump…
-
WhatsApp malware campaign uses malicious VBS files to gain persistent access
MSI as the backdoor vehicle for persistence: The final stages of the campaign lead to persistence, using Microsoft Installer (MSI) packages as the delivery mechanism for backdoors.MSI files are an effective choice as they are not usually treated as inherently suspicious and can execute custom actions during installation. In this campaign, they are used to…
-
Hacker zielen auf Exilportal Iranwire
Unbekannte sollen das Exilportal Iranwire gehackt haben.Hacker haben nach Angaben der iranischen Justiz mutmaßlich Zugriff auf Daten eines bekannten Exilportals erlangt. Dabei seien große Menge an Daten erbeutet worden, darunter Schriftwechsel, Listen von Angestellten, Informanten sowie streng vertrauliche Daten, berichtete das Sprachrohr der iranischen Justiz, die Nachrichtenagentur Misan. Bei dem Portal handelte es sich um die gut informierte…
-
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a powerful toolkit that combines remote access, data theft, surveillance, and even prank-based disruption features. Security researchers identified the campaign in March 2026, noting that the malware is being sold under a subscription model with three pricing…
-
9 ways CISOs can combat AI hallucinations
Tags: access, ai, breach, ciso, compliance, control, corporate, cybersecurity, data, defense, encryption, flaw, framework, GDPR, governance, identity, metric, penetration-testing, regulation, risk, soc, tool, trainingTreat AI outputs as drafts, not finished products: One of the biggest risks is over-trusting AI, according to security experts. Coté says her organization changed its policy so AI-generated content cannot go straight into compliance documentation without a human review.”The moment your team starts treating an AI-generated answer as a finished work product, you have…
-
Google Cloud’s Vertex AI Hit by Vulnerability Enabling Sensitive Data Access
Artificial intelligence agents are transforming enterprise workflows, but they also introduce dangerous new attack vectors. Security researchers from Palo Alto Networks’ Unit 42 recently uncovered a significant vulnerability in Google Cloud Platform’s (GCP) Vertex AI Agent Engine. By exploiting overly broad default permissions, attackers can deploy a malicious >>double agent<< to secretly exfiltrate sensitive data…
-
Workload Identity and Access Management: The Definitive Guide
6 min readFor every human identity your IAM program governs, there are roughly 82 machine identities operating outside it. Most of them authenticate with static credentials that were provisioned once and never reviewed. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/workload-identity-and-access-management-the-definitive-guide/
-
Anthropic employee error exposes Claude Code source
Tags: access, ai, computer, control, credentials, cybercrime, data, data-breach, malicious, open-source, service, technology, tool, vulnerabilityCSO, “no sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.”But it wasn’t the first time this had happened; according to Fortune and other news sources, the same thing happened last…
-
GIGABYTE Control Center vulnerable to arbitrary file write flaw
The GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/gigabyte-control-center-vulnerable-to-arbitrary-file-write-flaw/
-
The Open Back Door: Industrial Remote Access
Why Remote Access to Industrial Operations Is the Biggest Unmanaged Risk Remote access has become one of the largest unmanaged attack surfaces in industrial operations. Legacy VPNs and jump servers expose OT environments to serious risk. Learn how Cisco Cyber Vision’s Secure Equipment Access can secure vendor and engineer access while protecting critical infrastructure. First…
-
Supply chain attack on Axios npm package: Scope, impact, and remediations
Tags: access, api, attack, breach, cloud, control, credentials, crypto, data, data-breach, defense, exploit, incident response, macOS, malicious, malware, open-source, rat, risk, security-incident, software, supply-chain, theft, threat, vulnerability, windowsThe Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft, including the loss of credentials and API keys. Scan your environment now. Key takeaways This incident is a…
-
Attackers hijack Axios npm account to spread RAT malware
Threat actors hijacked the npm account of Axios to distribute RAT malware via malicious package updates. Threat actors compromised the npm account of Axios, a widely used library with over 100M weekly downloads, and published malicious versions to spread remote access trojans across Linux, Windows, and macOS. The supply chain attack was identified by multiple…
-
2026 SANS Identity Threats Report: Why Attacks Still Work
SANS findings highlight the real issue, compromised credentials enable access long before traditional security controls detect a problem. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/2026-sans-identity-threats-report-why-attacks-still-work/
-
Axios supply chain attack chops away at npm trust
Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/axios-supply-chain-attack-chops-away-at-npm-trust/
-
How we made Trail of Bits AI-native (so far)
Tags: access, ai, application-security, attack, automation, blockchain, business, ceo, chatgpt, computer, computing, conference, control, data, email, germany, government, identity, injection, jobs, macOS, marketplace, nvidia, open-source, risk, service, skills, strategy, supply-chain, technology, threat, tool, vulnerabilityThis post is adapted from a talk I gave at [un]prompted, the AI security practitioner conference. Thanks to Gadi Evron for inviting me to speak. You can watch the recorded presentation below or download the slides. Most companies hand out ChatGPT licenses and wait for the productivity numbers to move. We built a system instead.…
-
How to Categorize AI Agents and Prioritize Risk
AI agent risk isn’t equal, it scales with access to systems and level of autonomy. Token Security explains how CISOs should categorize agents and prioritize what to secure first. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/how-to-categorize-ai-agents-and-prioritize-risk/
-
Hackers compromise Axios npm package to drop cross-platform malware
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-compromise-axios-npm-package-to-drop-cross-platform-malware/
-
OpenAI patches twin leaks as Codex slips and ChatGPT spills
ChatGPT’s hidden outbound channel leaks user data: OpenAI has reportedly fixed a parallel bug in ChatGPT that goes beyond credential theft. Check Point researchers uncovered a hidden outbound communication path in ChatGPT’s code execution runtime that could be triggered with a single malicious prompt.This channel successfully bypassed the platform’s expected safeguards around external data sharing.…
-
Windows Tools Abused to Kill AV Ahead of Ransomware Attacks
Hackers are increasingly turning legitimate Windows administration tools into stealthy weapons to disable antivirus and EDR before launching ransomware, making attacks faster, quieter, and harder to stop. Instead of dropping noisy custom malware upfront, modern operators chain trusted utilities to gain SYSTEM access, kill security processes, and then encrypt at scale. Because many of these…
-
Axios NPM Packages Breached in Ongoing Supply Chain Attack
A severe supply chain attack has compromised the widely used Axios HTTP client on the npm registry. Attackers injected a malicious dependency into specific Axios releases, exposing millions of developers to a multi-stage remote access trojan capable of executing arbitrary commands and stealing system data. The malicious Axios versions, 1.14.1 and 0.30.4, were published directly…
-
Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT.”The operation covers VPN clients, encrypted messengers, video conferencing tools, cryptocurrency trackers, and e-commerce applications, with eleven confirmed delivery domains impersonating First seen on thehackernews.com Jump to article:…
-
Intel puts its data center performance knowledge on GitHub
Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, configuration … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/31/intel-optimization-zone-github/