Blog

One of the most trusted HTTP client libraries in the JavaScript ecosystem has been weaponized by a North Korea-nexus actor […]

The supply chain campaign initiated through a compromised vulnerability scanner has successfully pivoted into secondary cloud-native libraries. This cascading failure

A large-scale automated campaign is currently exploiting a critical flaw in Next.js applications to map and harvest credentials from cloud-native

The Interlock ransomware group is actively targeting network security management planes to gain root-level control over enterprise firewalls. This campaign

Attackers are leveraging an unauthenticated memory overread vulnerability to bypass multi-factor authentication on enterprise gateways. This flaw specifically targets the

A critical vulnerability in a widely used video conferencing client is being actively exploited to distribute malicious code to enterprise

The sophisticated supply chain attack on the Axios library has been confirmed as the result of a targeted social engineering

Attackers are industrializing the exploitation of a memory overread flaw to hijack enterprise sessions and bypass multi-factor authentication. This vulnerability

The major data exfiltration event impacting the European Commission cloud infrastructure has been formally traced to the compromise of a

The North Korea-nexus threat actor UNC1069 successfully compromised the distribution channel for Axios‚ the most popular JavaScript HTTP client library.