Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...
TechJuice

Hackers Deploy SNOW Malware Suite via Microsoft Teams

A cyber group is impersonating IT helpdesk staff via Microsoft Teams to deploy malware and target corporate systems.
The Hacker News

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
CSO Online

Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations

A multi-tenant authentication gap in Microsoft’s AI operations agent exposed live command streams, internal reasoning, and ...