Highly Popular NPM Packages Poisoned in New Supply Chain Attack
A DuckDB maintainer was also phished, but the DuckDBLabs team was able to block the attacker’s access shortly after.
However, the DuckDB distribution for Node.js on the NPM registry was injected with malware, the team announced.
Cyber_Security_Channel
SecurityWeek
Highly Popular NPM Packages Poisoned in New Supply Chain Attack
Designed to intercept cryptocurrency transactions, the malicious code reached 10% of cloud environments.
🚨 New Threat Alert: Salty2FA & Tycoon2FA are Now Targeting Enterprises in a Joint Phishing Operation.
A new PhaaS “chimera” now appears inside the same campaigns and even the same payloads, making attribution harder.
See the hybrid payload executed in the @anyrun_app sandbox — click here.
👨💻 Get all the details and actionable IOCs to adapt detection and threat hunting — click here.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware
It added, “Its tool-use API enables the system to update its understanding of a file using a wide range of reverse engineering tools, including Microsoft memory analysis sandboxes based on Project Freta, custom and open-source tools, documentation search, and multiple decompilers.”
Cyber_Security_Channel
SecurityWeek
Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware
Microsoft has unveiled Project Ire, a prototype autonomous AI agent that can analyze any software file to determine if it’s malicious.
New Android Albiriox Malware Gains Traction in Dark Web Markets
Researchers found that the dropper used JSONPacker to obfuscate the underlying code, prompting victims to enable the “Install Unknown Apps” permission before installing Albiriox.
Once active, the malware connects to its command server over an unencrypted TCP channel and registers the device using hardware and OS identifiers.
Cyber_Security_Channel
Infosecurity Magazine
New Android Albiriox Malware Gains Traction in Dark Web Markets
Android malware Albiriox emerged as MaaS, offering device takeover and real-time fraud capabilities
MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS
In the Mobile section, coverage has been added for adversaries abusing the ‘linked devices’ feature in Signal and WhatsApp.
Also in this section, the ‘abuse accessibility features’ technique has been brought back after it was deprecated in version 7 of ATT&CK.
Cyber_Security_Channel
SecurityWeek
MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS
MITRE has unveiled the latest version of ATT&CK, with the most significant changes in the defensive part of the framework.
Beyond the Prompt: Building Trustworthy Agent Systems
Output validation & guardrails: never trust raw agent output.
Implement strict validation checks before any action is taken or result is presented.
Define clear boundaries for what actions are permissible (e.g., “can read this database but never modify it”).
Cyber_Security_Channel
SecurityWeek
Beyond the Prompt: Building Trustworthy Agent Systems
Building secure AI agent systems requires a disciplined engineering approach focused on deliberate architecture and human oversight.
Hundreds of Arrests as Operation Sentinel Recovers $3m
The outcomes from Operation Sentinel reflect the commitment of African law enforcement agencies, working in close coordination with international partners.
Their actions have successfully protected livelihoods, secured sensitive personal data and preserved critical infrastructure.
Cyber_Security_Channel
Infosecurity Magazine
Hundreds of Arrests as Operation Sentinel Recovers $3m
Operation Sentinel helps to crack down on cybercrime across 19 African countries in a month-long campaign
DarkSub 2025: Top Cybersecurity Tool For Privacy Protection
DarkSub excels in several key areas, including its zero-data retention policy, ensuring users' activity logs remain private.
Its modular design allows users to customize privacy settings based on real-world use cases, such as VPN protection, stealth browsing, or firewall elevation.
Additionally, DarkSub's AI-powered threat detection system provides real-time alerts and predictive insights to stay ahead of emerging threats.
@Cyber_Security_Channel
NewsWire
DarkSub 2025: Top Cybersecurity Tool for Privacy Protection
Empowering businesses and individuals to reduce online exposure and defend privacy through proactive cybersecurity measures in the face of growing digital surveillance.
2️⃣0️⃣2️⃣6️⃣ Happy New Year from the Cyber Security News Team!
We would like to say thank you for continuously supporting our community throughout the eventful year of 2025.
Together we have managed to reach important milestones and expand our sphere of influence even further around the globe.
♥️ We are grateful for all the members, partners, and supporters that engaged with our content, purchased paid advertisements, and showed appreciation to our channels =)
Our team hopes that all the content on this channel was useful and enjoyable for you.
☃️ We are planning to show dedication by continuing our mission next year, and are always open to your feedback, suggestions, and collaboration ideas — @cybersecadmin.
Thank you once again, and all the best in the New Year of 2026!
Warm regards to each of you,
~The Cyber Security News Team
🎅 @Cyber_Security_Channel 🎁
Korean Air Data Compromised in Oracle EBS Hack
Korean Air reportedly confirmed that hackers have stolen the information of roughly 30,000 of its current and former employees from KC&D, including names and bank account numbers.
Customer data was not exposed, the airline said.
Cyber_Security_Channel
SecurityWeek
Korean Air Data Compromised in Oracle EBS Hack
Roughly 30,000 Korean Air employees had their data stolen by hackers in a breach at former subsidiary KC&D.
GhostPoster Firefox Extensions Hide Malware in Icons
The extension’s developer used steganography to hide after that marker a loader that reaches a remote command-and-control (C&C) server to retrieve an encrypted payload.
Cyber_Security_Channel
SecurityWeek
GhostPoster Firefox Extensions Hide Malware in Icons
The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA.
Conflicting Narratives in Security Incident: Hackers Claim Resecurity Breach, Firm Says Honeypot
According to Resecurity, it detected the threat actor's reconnaissance activities in November 2025.
The firm claims this monitoring led to the identification of the attackers' infrastructure, which was subsequently reported to law enforcement.
Cyber_Security_Channel
TechNadu
Resecurity Denies Hack Claims, Citing Honeypot Strategy - TechNadu
A hacking group identifying as Scattered Lapsus$ Hunters claimed to have breached Resecurity, which said the attackers were monitored in a honeypot.
ℹ️ What Security Teams Miss in Email Attacks
In just 12 months, attackers attempted to steal more than $300 million via vendor email compromise (VEC), with 7% of engagements coming from employees who had engaged with a previous attack.
Employees struggle to differentiate between legitimate messages and attacks, especially when those emails appear to come from a trusted vendor.
Employees in the largest organizations, with workforces of 50,000 or more, had the highest rate of second-step engagement with VEC.
Cyber_Security_Channel
Help Net Security
What security teams miss in email attacks
Rising email breach risks expose organizations to phishing, scams, and impersonation, driving data loss, disruption, and financial impact.
2026 Strategic Cybersecurity Planning: How CISOs Can Build a Future-Proof, Prevention-First Stack
Gartner identifies ten technologies shaping enterprise strategy in 2026. This list includes:
1. AI-Native Development Platforms
2. AI Supercomputing Platforms
3. Confidential Computing
4. Multiagent Systems
5. Domain-Specific Language Models
6. Physical AI
7. Preemptive Cybersecurity
8. Digital Provenance
9. AI Security Platforms
10. Geopatriation
Cyber_Security_Channel
Morphisec
2026 Strategic Cybersecurity Planning: How CISOs Can Build a Future-Proof, Prevention-First Stack | Morphisec Blog
Build a future-proof, prevention-first cybersecurity strategy for 2026. Learn how CISOs can align with Gartner trends and stop threats before execution.
Cybersecurity in Medical Devices: From Insight to Action
A central theme of the session was the critical role of penetration testing in ensuring medical device security.
Unlike traditional IT testing, medical device pentesting covers a much broader spectrum — from embedded hardware and firmware through industry specific communication interfaces and protocols, to cloud services and hospital network integration.
By embedding penetration testing across all stages of medical device development, deployment, and maintenance, manufacturers can confidently bring secure innovations to market — protecting both patients and the integrity of digital healthcare systems.
Cyber_Security_Channel
Deloitte
Cybersecurity in Medical Devices: From Insight to Action
As connected medical devices become increasingly complex, cybersecurity has emerged as a fundamental element of patient safety and regulatory compliance.
🚨 CastleLoader Attacks Government Agencies, Compromising up to 400+ Devices at Once
Its unusual process hollowing via an AutoIt3 script is hard for EDR to detect.
See full analysis from #ANYRUN with extracted runtime config, C2s, and #IOCs 👇
Read the full blog article — click here.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
ANY.RUN's Cybersecurity Blog
CastleLoader Malware Analysis: Full Execution Breakdown
Read full-cycle technical analysis of CastleLoader malware, covering its entire multi-stage execution by ANY.RUN.
The 5 Critical Cybersecurity Controls Every Organization Needs
Administrative accounts represent your organization’s “keys to the kingdom”.
Regular reviews ensure that only necessary personnel have elevated privileges.
Failure to minimize admin accounts and/or eliminate shared accounts can lead to accountability issues during security incidents.
Ensuring all activities are logged and traceable to a single user aids investigations and deters potential compromises.
Cyber_Security_Channel
AZ Big Media
The 5 critical cybersecurity controls every organization needs
Choosing to supplement your cybersecurity insurance with key internal controls and strategic business practices can significantly enhance your ability to deflect potential attacks.
ℹ️ Join ImmuniWeb AI Platform 2026 Webinar: New Products and Capabilities to enhance your ImmuniWeb® AI Platform skills, earn CPE credits, and qualify to become ImmuniWeb® Certified Professional.
✔️ Key Insights that Will be Covered:
• Useful and novel product features, functionalities and integrations
• New cybersecurity and compliance products by ImmuniWeb
• Practical use of ML and AI by ImmuniWeb in year 2026
• Cybersecurity cost reduction with ImmuniWeb
• Cybersecurity compliance with ImmuniWeb
• Live demo of ImmuniWeb AI Platform
• Full 2026 product map
Date & Time: January 29 at 10am and 5pm CET
Host: Dr. Ilia Kolochenko, CEO & Chief Architect at ImmuniWeb, Attorney-at-Law.
✅ Register Now:
Session 1 – January 29, 2026 – Geneva 10am | Dubai 1pm | Singapore 5pm
👉 Click here.
Session 2 – January 29, 2026 – Geneva 5pm | New York 11am | California 8am
👉 Click here.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
120 Data Breach Statistics for 2026
So, here are the 120 data breach stats for 2025.
Each of the sources we mentioned applies its own methodology, so numbers vary, and we include them all so readers can judge for themselves.
Cyber_Security_Channel
Bright Defense
120 Data Breach Statistics for 2026
Explore 130 critical data breach statistics for 2025 that reveal the latest trends, costs, attack methods, and industry impacts.
❗️Cyber Security News is looking for VOLUNTEERS to join our Team: Round 5
Our community is continuously growing and we are looking to further expand the internal Team of Content Authors.
Responsibilities
• Browse news on Internet
• Format and publish posts to the channels of our community
• Offer creative ideas to enhance content
Requirements
• Research skills
• Stable Wi-Fi connection
• Interest in cybersecurity
• Mobile device with Telegram app
• Up to date knowledge about trending topics, current events
Offerings
• Exchange of knowledge with industry colleagues
• Experience as a manager of a large cybersecurity community (for CV)
• Influence a growing community with a large audience
Contacts
If you are interested in the above position or have any questions, feel free to reach out directly → @cybersecadmin
P.S. Apologies if we have not responded to everybody from previous Rounds. This cycle will be managed more closely.
Send this post to a friend/colleague!
- - - - -
@Cyber_Security_Channel
LastPass Warns Backup Request is Phishing Campaign in Disguise
The company warned of a phishing campaign with false claims that the company is conducting maintenance and asking customers to back up their vaults in the next 24 hours, according to an alert released by the company.
“This campaign is designed to create a false sense of urgency, which is one of the most common and effective tactics we see in phishing attacks,” a spokesperson for LastPass said in a statement.
The spokesperson added that LastPass would never ask customers for their master passwords or demand action under a tight deadline.
@Cyber_Security_Channel
Cybersecurity Dive
LastPass warns backup request is phishing campaign in disguise
Customers received deceptive emails over the holiday weekend claiming the company was doing maintenance.