Posts

The Hacker News - North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core" mimic the legitimate "rollup-plugin-polyfill-node" project, down to the description, repository metadata, and from The Hacker News https://thehackernews.com/2026/07/north-korea-linked-npm-packages-mimic.html

The Hacker News - Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. "Armored Likho blends financially motivated campaigns targeting private individuals with targeted cyber espionage aimed at organizations," Kaspersky said in a technical analysis published today. " from The Hacker News https://thehackernews.com/2026/07/armored-likho-targets-government.html

KnowBe4 - INC Ransomware Gang Targets the Legal Sector

Image
The INC ransomware-as-a-service (RaaS) operation has grown into one of the premier ransomware offerings, claiming hundreds of victims in 2026 alone, according to researchers at Acronis. The attackers target a broad range of industries, but have recently prioritized entities in the legal sector . from KnowBe4 Blog https://blog.knowbe4.com/inc-ransomware-gang-targets-legal-sector

Schneier - Flock Cameras Can Surveil Cars Without License Plates

This is from a 2024 company presentation : Officers can also tap into data showing a car’s decals, bumper stickers, back and top racks—along with temporary and unique state tags. Flock calls it a “Vehicle Fingerprint” and it’s touted as a way for law enforcement officials to get more information “even when you don’t have full plate information,” the company’s presentation shows. The company gives police officers the ability to search that data as well, to “build stronger cases with less information upfront.” That includes being able to locate multiple vehicles law enforcement officials believe are moving together and what Flock calls a “multi geo search.” This kind of thing is older than AI; I wrote about it in my 2014 book Beyond Fear . Edward Snowden revealed that the NSA was using cell phone location data to track phones that were habitually near each other. As bad as Flock is, remember that anyone wit...

The Hacker News - European Parliament Member Investigating Spyware Was Hacked With Pegasus

A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while serving on a committee that was tasked with investigating the abuse of such commercial surveillance tools in the bloc. "Through forensic analysis of his device, we found that the attackers could have had from The Hacker News https://thehackernews.com/2026/07/european-parliament-member.html

The Hacker News - PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords

Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The stealer, discovered by Jamf Threat Labs, is distributed as a compiled AppleScript (.scpt) file impersonating Maccy, a legitimate open-source clipboard manager. It has been codenamed PamStealer owing to its ability to from The Hacker News https://thehackernews.com/2026/07/pamstealer-uses-fake-maccy-sites-and.html

KnowBe4 - 5 Essential Cybersecurity Defenses for Cloud Email Security

Image
Cloud email has become the center of modern business. Regardless of your organization's industry or size, email connects employees, customers, vendors, executives, financial systems and critical business processes. from KnowBe4 Blog https://blog.knowbe4.com/cloud-email-security-defenses