Dark Reading

Supply Chain Attacks Targeting GitHub Actions Increased in 2025

At this week's Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open ...
CPO Magazine

North Korean Hackers Target Developers with Nearly 200 Malicious NPM Packages in “Contagious Interview” Hacking Campaign

North Korean hackers intensify their efforts against blockchain and Web3 developers, using nearly 200 malicious npm packages ...
The Hacker News

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

PyStoreRAT spreads via fake GitHub tools using small Python or JavaScript loaders to fetch HTA files and install a modular ...

Hackers exploit unpatched Gogs zero-day to breach 700 servers

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code ...
Fox News

Chinese hackers turned AI tools into an automated attack machine

Cybersecurity has been reshaped by the rapid rise of advanced artificial intelligence tools, and recent incidents show just how quickly the threat landscape is shifting. Over the past year, we've seen ...
TechCrunch

Google says hackers stole data from 200 companies following Gainsight breach

Google has confirmed that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. On Thursday, Salesforce disclosed a breach of “certain customers ...

Notepad++ users urged to update immediately after hackers hijack the app's updater

The developers of Notepad++ recently discovered an actively exploited vulnerability that enabled hackers to hijack the popular editor's automatic updater. Version 8.8.9 addresses the issue, but ...
TechCrunch

CrowdStrike fires ‘suspicious insider’ who passed information to hackers

Cybersecurity giant CrowdStrike has confirmed firing a “suspicious insider” last month who allegedly fed information about the company to a notorious hacking group. A hacking collective known as ...
Bleeping Computer

CrowdStrike catches insider feeding information to hackers

Update November 21, 12:04 EST: Story updated with information from hackers. American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with ...
CNN

Wall Street banks scramble to assess fallout from hack of real-estate data firm

Hackers stole a trove of data from a company used by major Wall Street banks for real-estate loans and mortgages, setting off a scramble to determine what was taken and which banks were affected, ...
Forbes

Hackers Bypass Signal, Telegram And WhatsApp Encryption To Read Messages

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Updated November 25 with a new warning from America’s Cyber ...
Reuters

JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack, NYT reports

SitusAMC said in a statement, opens new tab on its website on Saturday that it had been the subject of a cyberattack on November 12, compromising certain information from its systems and that "data ...