EUVD-2008-4170

Malware in sbrugna...

EUVD-2025-15135

Malicious code in bioql PyPI...

EUVD-2022-30350

Malicious code in bioql PyPI...

npm Account Hijacking and the Rise of Supply Chain Attacks

npm Account Hijacking and the Rise of Supply Chain Attacks By Trellix Advanced Research Center · September 26, 2025 Contributed by John Fokker, Ilya Kolmanovich, Pavan Podila, Mo Cashman and Jeffrey Sman Key Takeaways Software Supply Chain Attacks are on the Rise: The "Shai-Hulud" worm targeting...

PhishLumos: an Adaptive Multi-Agent System for Proactive Phishing Campaign Mitigation

Phishing attacks are a significant societal threat, disproportionately harming vulnerable populations and eroding trust in essential digital services. Current defenses are often reactive, failing against modern evasive tactics like cloaking that conceal malicious content. To address this, we...

Reliable, Compliant APIs with Akamai Managed Service for API Performance

Introducing Akamai’s new product that blends proactive testing, expert analysis, and tailored optimization to help APIs stay reliable, responsive, and compliant...

Unmasking Hidden Threats: Spotting a DPRK IT-Worker Campaign

Unmasking Hidden Threats: Spotting a DPRK IT-Worker Campaign By Duy-Phuc Pham and John Fokker · September 23, 2025 In today's complex threat landscape, staying ahead of sophisticated adversaries is paramount. Organizations face constant pressure to identify threats that do not always involve...

Three Critical Facts About Cyber Risk Management

For CISOs responsible for cyber risk management, these three insights will help build a strong and reliable foundation for your proactive security strategy...

How Live Threat Intelligence Cuts Cybersecurity Expenses

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

As security professionals, it's easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacksoften aren't from cutting-edge exploits, but from cracked credentials and compromised accounts. Despite widespread awareness of this threat vector,...

Malicious code in proactive-angular-sharepoint (npm)

The package proactive-angular-sharepoint was found to contain malicious code...

MAL-2025-29675 Malicious code in proactive-angular-sharepoint (npm)

The package proactive-angular-sharepoint was found to contain malicious code...

Coward: toward Practical Proactive Federated Backdoor Defense Via Collision-Based Watermark

Backdoor detection is currently the mainstream defense against backdoor attacks in federated learning FL, where malicious clients upload poisoned updates that compromise the global model and undermine the reliability of FL deployments. Existing backdoor detection techniques fall into two...

Pentests once a year? Nope. It's time to build an offensive SOC

You wouldn't run your blue team once a year, so why accept this substandard schedule for your offensive side? Your cybersecurity teams are under intense pressure to be proactive and to find your network's weaknesses before adversaries do. But in many organizations, offensive security is still...

Proactive Email Security: The Power of AI

Lead with AI-powered email security to stay ahead of attackers and personalize user interaction at every touchpoint, bridging technology and behavior with precision...

CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025

The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most cases, ineffective against emerging threats and sophisticated threat actors. Prioritizing cybersecurity means implementin...

Game Theory Meets LLM and Agentic AI: Reimagining Cybersecurity for the Age of Intelligent Threats

Protecting cyberspace requires not only advanced tools but also a shift in how we reason about threats, trust, and autonomy. Traditional cybersecurity methods rely on manual responses and brittle heuristics. To build proactive and intelligent defense systems, we need integrated theoretical...

Learn how to build an AI-powered, unified SOC in new Microsoft e-book

The sheer volume of cyberattacks continues to increase at a breathtaking scale worldwide, with customers facing more than 600 million cybercriminal and nation-state attacks every day.1 To stem the growing tide of malicious cyber activity takes a commitment from all of us—individuals from operatio...

From AI to Zero-Days: Why CISOs Can’t Ignore the 2024 Threat Shifts

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Two weeks ago, we published the key insights from our Cyber Horizons 2025 Threat Report ,...

Navigating cyber risks with Microsoft Security Exposure Management eBook

Imagine steering a vessel through Arctic waters where 90% of iceberg mass lies hidden beneath the surface; your lookouts equipped only with telescopes and blind to the submerged threats. This parallels today's cybersecurity landscape: According to the Microsoft Digital Defense Report 2024, nearly...