A supply chain attack targeting key components of the Ethereum development ecosystem has affected the Nomic Foundation and Hardhat platforms. The attackers infiltrated the ecosystem using malicious npm packages, exfiltrating sensitive data such as private keys, mnemonics and configuration files.…
Jan 06, 2025Ravie LakshmananRegulatory Compliance / Data Privacy The Indian government has published a draft version of the Digital Personal Data Protection (DPDP) Rules for public consultation. “Data fiduciaries must provide clear and accessible information about how personal data is…
Taiwanese government networks experienced a daily average of 2.4 million cyber-attacks in 2024, most of which were attributed to Chinese state-backed hackers. This represents double the daily average from 2023 which saw 1.2 million daily attacks targeting government networks, Taiwan’s…
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024). SaaS…
A newly identified WordPress plugin called PhishWP has been used by cybercriminals to create fake payment pages mimicking legitimate services like Stripe, enabling the theft of sensitive financial and personal data. The malicious plugin was observed by SlashNext researchers circulating…
Jan 06, 2025Ravie Lakshmanan Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are…
Gaming enthusiasts have been warned not to reply to unsolicited Discord messages, after researchers revealed a new infostealer campaign. Malwarebytes said that victims are typically approached out of the blue with a direct message on a Discord server, asking if…
Jan 06, 2025Ravie LakshmananBlockchain / Malware Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation’s Hardhat tool in order to steal sensitive data from developer systems. “By exploiting trust in…
Jan 04, 2025Ravie LakshmananVulnerability / Software Security A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as…
Jan 04, 2025Ravie LakshmananCyber Espionage / IoT Botnet The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S.…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
