CISA has confirmed hackers breached a U.S. federal agency by exploiting CVE-2024-36401, a critical flaw in GeoServer. Attackers used web shells, brute force, and lateral movement to persist in the network. CISA warns agencies to patch quickly and strengthen defenses.
Cybersecurity researchers have uncovered a new form of supply chain attack hidden within the npm ecosystem. A malicious npm package was discovered embedding malware inside steganographic QR codes, a technique designed to slip past traditional security defenses. The attack highlights growing risks in opensource software dependencies and developer tools How the Malware Works The compromised…
Japan is facing a cybersecurity crisis. A government review revealed hundreds of security incidents in 2024 alone, exposing systemic weaknesses across critical infrastructure. While Tokyo has introduced new laws to expand its defensive capabilities, experts warn that outdated systems and poor planning leave the nation vulnerable to both cybercriminals and nation-state hackers Scale of the…
English (United States)