The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...
Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...
Copycat hackers are competing to win $1,000 for the largest supply chain attack using Shai-Hulud, an open-sourced worm that has brought down a few major open-source projects. Malicious NPM packages ...
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...
Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
Each year, World Password Day arrives with a familiar message that is increasingly outdated. The password, once the foundatio ...
Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...
White House app secretly tracked users every 4 minutes, sending location data to third parties despite promising government transparency.
Morey J. Haber, Chief Security Advisor at BeyondTrust, is an identity and technical evangelist with over 25 years of IT industry experience. We often prepare for threats that are visible, and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results