%term

Cloud Ransomware: How Storm-0501 Hackers Are Redefining Data Extortion

Aug 29, 2025 By Foresiet In Foresiet

Ransomware is no longer confined to on-premise networks. A recent report from Microsoft reveals how Storm-0501, a notorious threat group, has pivoted its focus from traditional device encryption to cloud-based ransomware attacks. By exploiting native cloud features, these attackers bypass conventional malware defenses, exfiltrate sensitive data, destroy backups, and extort organizations—all without deploying traditional ransomware encryptors.

Read Post

Foresiet

Read more about Cloud Ransomware: How Storm-0501 Hackers Are Redefining Data Extortion

Nx npm Malware Explained: AI Agent Hijacking

Aug 28, 2025 By Snyk In Snyk

Nx npm malware (Aug 2025): attackers published malicious Nx packages that weaponized AI coding agents (Claude Code, Gemini CLI, Amazon Q) via a postinstall script to inventory sensitive files and exfiltrate sensitive data to public GitHub repos named “s1ngularity-repository-*.” We break down what happened, affected versions, and how to check + respond (rotate credentials, hunt IoCs, and more). Resources.

View Video

Snyk

Read more about Nx npm Malware Explained: AI Agent Hijacking

A Tale of Two Ransomware-as-a-Service Threat Groups

Aug 28, 2025 By Trustwave In Trustwave

Ransomware distributors are bad enough, but there should be a special place in the dark web's basement that only offers ISDN connections and no Wi-Fi, reserved for those groups that insist their attack was a benign cybersecurity service or those who only attack entities that they say deserve to be struck. At least based on their logic.

Read Post

Trustwave

Read more about A Tale of Two Ransomware-as-a-Service Threat Groups

Investigating The Nx "s1ngularity" Attack: What GitGuardian Uncovered And How You Can Stay Safe

Aug 28, 2025 By GitGuardian In GitGuardian

Discover the chilling details of the Nx “s1ngularity” supply chain attack. On August 26, 2025, the massively popular Nx npm package, with millions of weekly downloads, was compromised with credential‑harvesting malware.

View Video

GitGuardian

Read more about Investigating The Nx "s1ngularity" Attack: What GitGuardian Uncovered And How You Can Stay Safe

China's Cyber Strategy Exposed

Aug 27, 2025 By Rubrik In Rubrik

Chinese cyber operations aren’t random hacks; they are part of a broader geopolitical competition for information, economic advantage, and strategic influence. Every operation ties back to China’s long-term national objectives. Mei Danowski, Co-Founder of Natto Thoughts Online Publication, explains how these attacks serve national objectives and why cybersecurity defenders must adapt.

View Video

Rubrik

Read more about China's Cyber Strategy Exposed

8 Malicious npm Packages Deliver Multi-Layered Chrome Browser Information Stealer

Aug 27, 2025 By Guy Korolevski In JFrog

Open-source software repositories have become one of the main entry points for attackers as part of supply chain attacks, with growing waves using typosquatting and masquerading, pretending to be legitimate. The JFrog Security Research team regularly monitors open-source software repositories using advanced automated tools, in order to detect malicious packages.

Read Post

JFrog

Read more about 8 Malicious npm Packages Deliver Multi-Layered Chrome Browser Information Stealer

Malicious Screen Connect Campaign Abuses AI-Themed Lures for Xworm Delivery

Aug 27, 2025 By Bolesław Szołtysik, Chris Tomboc, Serhii Melnyk In Trustwave

During a recent Advanced Continual Threat Hunt (ACTH) investigation, the Trustwave SpiderLabs Threat Hunt team identified a deceptive campaign that abused fake AI-themed content to lure users into executing a malicious, pre-configured ScreenConnect installer.

Read Post

Trustwave

Read more about Malicious Screen Connect Campaign Abuses AI-Themed Lures for Xworm Delivery

The Business of Malware: Inside the MaaS Economy

Aug 27, 2025 By Emma Stevens In BitSight

In our 2025 State of the Underground report, we found that 384 unique varieties of malware were sold across the top three criminal forums in 2024, a 10% increase from 349 in 2023, signifying an expansion in the underground malware marketplace. These figures reflect malware explicitly offered for sale (not shared freely), and each distinct version or naming variation is counted independently.

Read Post

BitSight

Read more about The Business of Malware: Inside the MaaS Economy

CTI Roundup: Malicious Python Packages, PipeMagic, Noodlophile Stealer

Aug 27, 2025 By Tanium In Tanium

Researchers uncover malicious Python packages, PipeMagic masquerades as a ChatGPT desktop app, and Noodlophile Stealer targets enterprises through social media.

Read Post

Tanium

Read more about CTI Roundup: Malicious Python Packages, PipeMagic, Noodlophile Stealer

Investigating the Oyster Backdoor Campaign and its Targeting of IT Professionals

Aug 26, 2025 By Thomas Elkins, Joshua Green, and Ian Harte In BlueVoyant

BlueVoyant investigated the latest Oyster malware attacks, delivered in a widespread campaign targeting IT professionals by impersonating legitimate IT tools. The campaign was originally discovered by outside researchers, but when BlueVoyant’s SOC observed suspicious behavior in a client environment within the healthcare sector, the team, including the Threat Fusion Cell (TFC), decided to delve deeper.

Read Post