North Korean Lazarus group linked to Medusa ransomware attacks

North Korean state-backed hackers associated with the Lazarus threat group are targeting U.S. healthcare organizations in ...

What is ransomware? What to know after UMMC cyberattack

Ransomware was the largest threat to U.S. critical infrastructure in 2024, with complaints rising 9% from 2023.
Infosecurity Magazine

North Korean Lazarus Group Expands Ransomware Activity With Medusa

Medusa, operated by the Spearwing cybercrime group, emerged in 2023 as a ransomware-as-a-service (RaaS) platform. Affiliates deploy the malware in exchange for a share of ransom payments. Since its ...
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.
SecurityWeek

New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM

Hulud-like Sandworm_Mode supply chain attack targets NPM developers to steal secrets and poison AI assistants.
CSO Online

Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a ...