88 matches found
EUVD-2025-133737
Malicious code in teate-thy-py-janpi npm...
EUVD-2025-122324
Malicious code in sagitta-helmet-vuepress-spectron npm...
EUVD-2025-113540
Malicious code in forever-phoebe-framework-cz-conventional-changelog npm...
EUVD-2025-64851
Malicious code in conceptualsnakez3n npm...
EUVD-2025-61261
Malicious code in zain-lengko7-riris npm...
EUVD-2025-49303
Malicious code in stiffaspz3n npm...
MAL-2025-41363 Malicious code in airbnb-react-server (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-16610 Malicious code in cascade_qajvx_qv3p9_harmony (npm)
The package cascade_qajvx_qv3p9_harmony was found to contain malicious code...
Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. "Criminals targeted our customer support agents overseas," the company said in a statement. "They used cash offers to convince a small group ...
CVE-2025-0628
creationtimestamp | type | source
---|---|---
2025-03-20 12:48:47+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114194836524629766
2025-03-20 13:03:49+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lksr45ozcp24
2025-03-20 13:13:01+00:00 | seen |...
Bybit Hack: $1.4B Stolen from World’s 2nd Largest Crypto Exchange
In a major cybersecurity incident, Bybit, the world's 2nd-largest crypto exchange suffered a $1.4 billion ETH hack from…...
BayMark Health Services sends breach notifications after ransomware attack
BayMark Health Services, Inc. (BayMark) notified an unknown number of patients that attackers stole their personal and health information. BayMark profiles itself as North America’s largest provider of medication-assisted treatment (MAT) for substance use disorders helping tens of thousands of...
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust,...
A week in security (September 2 – September 8)
Last week on Malwarebytes Labs: Lowe’s employees phished via Google ads; Planned Parenthood partly offline after ransomware attack; "Hello pervert" sextortion scam includes new threat of Pegasus—and a picture of your home; How to avoid election related scams; London’s city transport hit by...
TotalCloud Insights: When Multi-Factor Authentication Turns Into Single-Factor Authentication
Introduction Multi-factor authentication (MFA) failures have fuelled a 500% surge in ransomware losses, as noted in an article published by "The Hacker News"—from an average ransom payment of $400,000 in 2023 to $2 million in 2024. And attacks exploiting an MFA failure are getting increasingly...
Security company ADT announces security breach of customer data
Electronic surveillance equipment provider ADT filed a form 8-K with the Security and Exchange Commission (SEC) to report “a cybersecurity incident during which unauthorized actors illegally accessed certain databases containing ADT customer order information.” An 8-K is a report of unscheduled...
Affirm says Evolve Bank data breach also compromised some of its customers
Buy now, pay later payment specialist Affirm has warned that holders of its payment cards had their personal information exposed after a ransomware attack and data breach at Evolve Bank & Trust. In a form 8-K, submitted to the Securities and Exchange Commission (SEC), Affirm states: “Because the...
Truist bank confirms data breach
On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name "Sp1d3r" offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets...
Stopping a K-12 cyberattack (SolarMarker) with ThreatDown MDR
In early 2024, a large K-12 school district partnered with ThreatDown MDR to strengthen its cybersecurity posture. Shortly after onboarding, ThreatDown MDR analysts detected unusual patterns of activity subsequently identified as the work of SolarMarker, a sophisticated backdoor. It became eviden...
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable th...