Aggregator

A newly discovered malware campaign called IronWorm has been silently targeting software developers through poisoned npm packages, stealing credentials, API keys, and even cryptocurrency wallet recovery phrases. The attack is built to spread itself through trusted developer workflows, making it one of the more sophisticated supply-chain threats seen in recent years. The malware travels inside […]

The post IronWorm Supply Chain Attack Uses Malicious npm Packages to Steal Developer Secrets appeared first on Cyber Security News.

You must login to view this content

New research details how the increasing integration of AI agents into businesses is making it easier than ever for insiders - malicious or otherwise - to put sensitive data at risk. 

The post Your AI agent could become your biggest insider threat  appeared first on CyberScoop.

A senior executive at a major global stock exchange had their Microsoft Outlook account silently compromised for five straight months, with attackers carefully siphoning emails in small batches to avoid detection. The intrusion ran from October 2025 through at least March 2026, designed entirely around one single goal: stealing the complete contents of one person’s […]

The post Stock Exchange Executive’s Outlook Account Targeted to Exfiltrate Credentials appeared first on Cyber Security News.