The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader.
“These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation

The Hacker News – ​Read More

Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information.
Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered by Socket, disgrasya, contained a

The Hacker News – ​Read More

---

Cisco warns LLMs fine-tuned for business are now being weaponized. Guardrails aren’t failing. They’re being engineered around.Read More

Security News | VentureBeat – ​Read More

New end-to-end Gmail encryption alone isn’t secure enough for an enterprise’s most sensitive and prized data, experts say.

darkreading – ​Read More

The organization that runs Seattle-Tacoma International Airport and several container terminals said it is sending breach notification letters to those affected by a ransomware attack, including about 71,000 people in Washington state.

The Record from Recorded Future News – ​Read More