kahmed

Supply Chain Attack Analysis A large-scale, self-propagating supply chain attack, nicknamed ‘Shai-Hulud,’ is actively compromising packages on the npm JavaScript registry. Security researchers report that the campaign has already hit at least 187 packages, beginning with the compromise of the popular @ctrl/tinycolor package, which has over 2 million weekly downloads, ...

Dark Web News Analysis TransUnion, one of the three major US credit bureaus, has reported a data breach that affects more than 4 million people nationwide, including over 69,000 residents of Wisconsin. According to the company, the breach occurred on July 28 and resulted in unauthorized access to highly sensitive ...

Dark Web News Analysis Panama’s Ministry of Economy and Finance (MEF) has publicly disclosed that it detected and contained a cyberattack involving malicious software on one of its workstations. In its official statement, the ministry emphasized that none of its central systems or platforms were compromised and that operations are ...

Dark Web News Analysis The head of technology at the major UK retailer Marks & Spencer (M&S), Rachel Higham, has resigned from her position just months after the company was hit by a massive cyberattack over Easter. The attack, which led to the theft of personal data from millions of ...

Cyberattack Analysis A European Distributed Denial-of-Service (DDoS) mitigation service provider was recently targeted in a massive attack that peaked at an astonishing 1.5 billion packets per second (Bpps), making it one of the largest packet-rate floods ever publicly disclosed. The attack, which was successfully mitigated by the cybersecurity company FastNetMon, ...

Dark Web News Analysis The major automobile manufacturer Jaguar Land Rover (JLR) has officially confirmed that “some data” was stolen during a recent cyberattack that severely disrupted its production activities. The company, which had previously disclosed the attack on September 2, has now notified the relevant regulatory authorities of the ...

Regulatory and Government Response The Pakistan Telecommunication Authority (PTA) has issued a public statement addressing recent media reports concerning the alleged availability of citizen subscriber data online. In its clarification, the PTA stated that it does not hold or manage subscriber data directly, as this information remains solely with the ...

Technology Comparison Analysis For over two decades, Windows Server Update Services (WSUS) has been a standard tool for IT administrators to distribute Microsoft updates. However, with Microsoft officially deprecating WSUS and the rise of remote workforces and third-party software vulnerabilities, the legacy tool is struggling to meet modern cybersecurity demands. ...

Dark Web News Analysis A threat actor has reportedly listed a database for sale on a hacker forum, allegedly containing 378,000 refund claims from BlockFi. The seller is offering samples and pricing via Telegram and supports escrow services, indicating a serious attempt to monetize the stolen data. The database is said to ...