Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines
An attacker submitting changes to an open source repository on GitHub could cause downstream software projects that include the latest version of a component to compile updates with malicious...
Holiday Spirit? LockBit Gives Children’s Hospital Free Decryptor
After being hit by the LockBit ransomware-as-a-service (RaaS) apparatus, the Hospital for Sick Children (SickKids) received an unexpected holiday gift: A free decryptor and an apology from the cybercriminal...
Cyberattack Shuts Down French Hospital
French Health Ministry authorities were forced to shut down operations and transfer critically ill patients following a weekend cyberattack on a hospital outside Paris. Minister Francois Braun told France 24...
Critical Cisco SMB Router Flaw Allows Authentication Bypass, PoC Available
Two security vulnerabilities in Cisco routers for small and mid-sized businesses (SMBs) could allow unauthenticated cyberattackers to take full control of a target device to run commands with root...
LockBit Bigwig Arrested for Ransomware Crimes
One of LockBit's alleged ringleaders has been arrested in Ontario, Canada and is on his way to the US to face charges related to ransomware attacks against at least...
Hot Ticket: ‘Aurora’ Go-Based InfoStealer Finds Favor Among Cyber-Threat Actors
A growing number of cybercriminal groups are turning to an information stealer named Aurora, which is based on the Go open source programming language, to target data from browsers,...