Tag: worm
-
âš¡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field.This recap cuts through the noise to share what really matters”, key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
-
âš¡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field.This recap cuts through the noise to share what really matters”, key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-dayCISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
ShadowV2 turns DDoS into a cloud-native subscription service
From botnet to business platform: ShadowV2 is not just malware, it is a marketplace. Darktrace uncovered a full operator interface built with Tailwind and FastAPI, complete with Swagger documentation, admin and user privilege tiers, blacklists, and modular attack options. The design mirrors legitimate SaaS platforms, featuring dashboards and animations that make DDoS as easy as…
-
âš¡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More
The security landscape now moves at a pace no patch cycle can match. Attackers aren’t waiting for quarterly updates or monthly fixes”, they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for tomorrow’s breach.This week’s recap explores the trends driving that…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 63
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SmokeLoader Rises From the Ashes Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages Self-replicating Shai-hulud worm spreads…
-
A Dangerous Worm Is Eating Its Way Through Software Packages
Plus: An investigation reveals how US tech companies reportedly helped build China’s sweeping surveillance state, and two more alleged members of the Scattered Spider hacking group were arrested. First seen on wired.com Jump to article: www.wired.com/story/a-dangerous-worm-is-eating-its-way-through-software-packages/
-
Security News This Week: A Dangerous Worm Is Eating Its Way Through Software Packages
Plus: An investigation reveals how US tech companies reportedly helped build China’s sweeping surveillance state, and two more alleged members of the Scattered Spider hacking group were arrested. First seen on wired.com Jump to article: www.wired.com/story/a-dangerous-worm-is-eating-its-way-through-software-packages/
-
New Wave of Self-Replicating NPM Malware Exposes Critical Gaps in Software Supply Chain Security
The Shai-Hulud NPM worm highlights rising open-source supply chain threats. Secure builds with SBOMs, MFA, signed packages, and zero-trust defenses. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/new-wave-of-self-replicating-npm-malware-exposes-critical-gaps-in-software-supply-chain-security/
-
Shai-Hulud Worm – Supply-Chain-Angriff trifft über 180 npm-Pakete
First seen on security-insider.de Jump to article: www.security-insider.de/npm-pakete-supply-chain-angriff-malware-infektion-a-7058d3a07ba5184bbd66002da6001877/
-
New Shai-hulud Worm Infecting npm Packages With Millions of Downloads
ReversingLabs discovers >>Shai-hulud,
-
Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets
Tags: wormA secret-stealing worm is spreading fast across the npm ecosystem, experts have warned First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/supply-chain-worm-hundreds-npm/
-
Self-Replicating Worm Compromising Hundreds of NPM Packages
An ongoing supply chain attack dubbed “Shai-Hulud” has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends them to external servers that the attackers control. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/self-replicating-worm-compromising-hundreds-of-npm-packages/
-
Self-Replicating ‘Shai-hulud’ Worm Targets NPM Packages
The newly emerged worm has spread across hundreds of open source software packages, stealing credentials and infecting other components without much direct attacker input. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/self-replicating-shai-hulud-worm-npm-packages
-
Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack
A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/16/self-replicating-worm-hits-180-npm-packages-in-largely-automated-supply-chain-attack/
-
Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack
Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers.”The compromised versions include a function (NpmModule.updatePackage) that downloads a package tarball, modifies package.json, injects a local script (bundle.js), repacks the archive, and republishes it, enabling First seen on thehackernews.com…
-
Self-propagating supply chain attack hits 187 npm packages
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed ‘Shai-Hulud’ started yesterday with the compromise of the @ctrl/tinycolor npm package, and has now expanded to CrowdStrike’s npm namespace. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/self-propagating-supply-chain-attack-hits-187-npm-packages/
-
Self-propagating worm fuels latest npm supply chain compromise
Intrusions bear the same hallmarks as recent Nx mess First seen on theregister.com Jump to article: www.theregister.com/2025/09/16/npm_under_attack_again/
-
China-linked Mustang Panda deploys advanced SnakeDisk USB worm
China-linked APT group Mustang Panda has been spotted using a new USB worm called SnakeDisk along with a new version of known malware China-linked APT group Mustang Panda (aka Hive0154, Camaro Dragon, RedDelta or Bronze President) has been spotted using an updated version of the TONESHELL backdoor and a previously undocumented USB worm called SnakeDisk. Mustang Panda has been active since…
-
Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs
The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL and a previously undocumented USB worm called SnakeDisk.”The worm only executes on devices with Thailand-based IP addresses and drops the Yokai backdoor,” IBM X-Force researchers Golo Mühr and Joshua Chung said in an analysis published…
-
China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm
The post China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/china-aligned-hackers-unleash-upgraded-toneshell-and-new-usb-worm/
-
Mustang Panda Uses SnakeDisk USB Worm and Toneshell Backdoor to Target Air-Gap Systems
IBM X-Force researchers have uncovered sophisticated new malware campaigns orchestrated by the China-aligned threat actor Hive0154, also known as Mustang Panda. The discovery includes an advanced Toneshell backdoor variant that evades detection systems and a novel USB worm called SnakeDisk specifically targeting Thailand-based devices. Enhanced Toneshell Backdoor Evades Detection The latest iteration of Toneshell, dubbed…
-
Grau Data präsentiert auf der it-sa Ransomware-Schutz für Backups mit Blocky for Veeam
Grau Data präsentiert auf der it-sa 2025 seinen Backup-Ransomware-Schutz Blocky for Veeam in der Version 3.5. Die Software ist derzeit der einzige Ransomware-Schutz für Backups, der direkt auf dem Veeam-Windows-Server aufsetzt und mit der erprobten Grau-Data-WORM (Write Once, Read Many) -Technologie einen unveränderlichen Schutzschild für Veeam-Backups erzeugt. Durch den Einsatz der WORM-Technologie verhindert Blocky for…
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
30 Jahre Worms: Wurmkur mit Bazooka-Beigeschmack
Tags: wormDer Spieleklassiker Worms bohrt sich seit 30 Jahren in die Gaming-Geschichte – mal als Mehrspieler-Perle, mal als Solo-Zumutung. First seen on golem.de Jump to article: www.golem.de/news/30-jahre-worms-wurmkur-mit-bazooka-beigeschmack-2508-199088.html
-
Threats Actors Use Sophisticated Hacking Tools to Destroy Organizations Critical Infrastructure
Threat actors, ranging from state-sponsored organizations to non-state actors, are using sophisticated cyber weapons to breach and destroy vital infrastructure in a time when digital and physical security are becoming more intertwined. These tools, often manifesting as malware agents like worms, viruses, and advanced persistent threats (APTs), exploit vulnerabilities in supervisory control and data acquisition…
-
Threat Casting a Nation State Attack on Critical Infrastructure Scenario at CognectCon2025
Tags: attack, conference, cyber, cyberattack, cybersecurity, data, disinformation, infrastructure, iran, malicious, middle-east, risk, threat, vulnerability, wormDuring exercises at CognectCon2025 a number of cyberattack scenarios were discussed that highlighted the risks of cyber attackers leveraging cognitive vulnerabilities to cause major impacts to nation critical infrastructures. This video is a short report-out on one such possible scenario, before we began discussing how to prevent, detect, and respond to such an event. In…