Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for …
Targeted
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
Feb 14, 2025 | Ravie Lakshmanan | Browser Security / Cryptocurrency
The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an …
Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes
Jan 15, 2025 | Ravie Lakshmanan | Malvertising / Malware
Cybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. "The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and …
Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
Dec 14, 2024 | Ravie Lakshmanan | Malware / Cyber Threat
Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. "The target of the threat actors were Thailand officials based on the nature of the lures," Nikhil Hegde, senior engineer for Netskope's Security …
Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32
Aug 29, 2024 | Ravie Lakshmanan | Cyber Espionage / Malware
A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamese-aligned hacking crew that's also known as APT-C-00, Canvas …
University Professors Targeted by North Korean Cyber Espionage Group
Aug 08, 2024 | Ravie Lakshmanan | Cyber Attack / Cyber Espionage
The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error …
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Apr 27, 2024 | Newsroom | Cyber Attack / Malware
Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in Microsoft Office to deliver Cobalt Strike on compromised systems. The attack chain, which took place at the end of 2023 according to Deep Instinct, employs a PowerPoint slideshow file …
Apache Cordova App Harness Targeted in Dependency Confusion Attack
Apr 23, 2024 | Newsroom | Supply Chain Attack / Application Security
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a …
OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt
Apr 16, 2024 | Newsroom | Supply Chain / Software Security
Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source XZ Utils project. "The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, …
New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, …