yohanmanuja, Author at Security Pulse

CISA warns federal agencies to patch Cisco ASA/FTD zero-days and validate compromise under ED 25-03

Cisco firewall zero-days: CISA says patch & retire EOS hardware

yohanmanuja1 month ago1 month ago03 mins

CISA warned that multiple federal agencies still haven’t fully patched Cisco ASA/FTD devices despite active exploitation. Because the campaign targets the VPN web server and enables device takeover, teams must apply fixes for CVE-2025-20333/20362, follow ED 25-03 inventory and validation steps, and disconnect end-of-support hardware. This analysis explains impact, attack flow, high-signal detection, and fast remediation so defenders can reduce edge-device risk without slowing operations.

UK investigators recover 61,000 Bitcoin as court jails Zhimin Qian for laundering proceeds of a £5B fraud

“Bitcoin Queen” sentenced as UK recovers £5B in crypto

yohanmanuja1 month ago1 month ago04 mins

UK investigators seized 61,000 Bitcoin linked to Zhimin Qian’s China-based Ponzi fraud. A London court handed her 11 years and 8 months, while civil recovery fights over billions continue.

Sprout Rust UEFI bootloader speeding secure device startup with policy-driven config

Sprout Rust UEFI bootloader lands with speed and clean policy

yohanmanuja1 month ago1 month ago04 mins

Sprout is a Rust-based UEFI bootloader that pursues sub-second startup and data-driven policy. It reduces drift, speeds rollbacks, and clarifies failure modes. Secure-boot enablement is underway; teams should pilot now, prepare key management, and align firmware updates for a smooth transition to verified and measured boot.

Tens of thousands of fake npm packages flood the registry—hardening CI/CD with allowlists and provenance

67K+ fake npm packages hit the registry—defend your pipelines

yohanmanuja1 month ago1 month ago05 mins

A worm-like spam campaign flooded npm with tens of thousands of fake packages, polluting search results and straining CI/CD. Consequently, treat registries as hostile input. Enforce allowlists, verify npm provenance with Sigstore, disable lifecycle scripts by default, and promote dependencies through SLSA-aligned stages to cut risk.

UK Cyber Security and Resilience Bill strengthens defenses for NHS, water, transport, and energy

UK Unveils Cyber Resilience Bill, Tougher Rules for NHS, Water

yohanmanuja1 month ago1 month ago14 mins

The UK introduced a Cyber Security and Resilience Bill to harden essential services and their suppliers. Consequently, regulators expand scope, speed incident reporting, and push provable resilience across NHS, water, transport, and energy.

Apache OpenOffice 4.1.16 blocks silent external content loading and CSV import memory risks

Apache OpenOffice 4.1.16 fixes remote content and CSV flaws

yohanmanuja1 month ago1 month ago15 mins

Apache OpenOffice 4.1.16 fixes seven vulnerabilities that allowed silent external content loading and possible memory corruption during CSV import. Update immediately, restrict DDE and Calc external data sources, and replace templates that embed remote URLs. Verify the new prompts and monitor document-triggered network fetches

Google lawsuit targets ‘Lighthouse’ smishing platform behind global SMS phishing

Google sues China-based Lighthouse smishing network

yohanmanuja1 month ago1 month ago44 mins

Google filed a lawsuit in New York to disrupt “Lighthouse,” a phishing-as-a-service network behind large-scale smishing. Consequently, the case seeks injunctions, domain seizures, and damages. For defenders, the move creates detection windows as operators pivot infrastructure so tighten filters, accelerate takedowns, and harden fraud telemetry now.

DanaBot returns to infect Windows after six-month hiatus, new loader and C2 activity

DanaBot Returns: Windows Campaign Resumes After Six-Month

yohanmanuja1 month ago1 month ago14 mins

DanaBot restarted Windows campaigns after a six-month break. Consequently, teams tighten email defenses, inspect loaders, and hunt for fresh C2 as affiliates pivot tooling.

GootLoader returns with web-font obfuscation on WordPress and SEO-poisoned downloads

GootLoader’s comeback: hidden filenames, ZIP-JS payloads

yohanmanuja2 months ago2 months ago33 mins

GootLoader reappeared with custom WOFF2 web-fonts that swap glyph shapes, so a gibberish string in source renders as a harmless-looking filename in the browser. Consequently, victims on SEO-poisoned WordPress sites download ZIP archives carrying JavaScript loaders that trigger rapid, hands-on compromises. Therefore, block risky downloads, hunt for loader execution, and harden WordPress and endpoints to cut dwell time and prevent domain-wide impact within hours.

npm typosquat “@acitons/artifact” exfiltrating GitHub Actions tokens during postinstall in CI

npm typosquat targets GitHub Actions to steal tokens and artifacts

yohanmanuja2 months ago2 months ago34 mins

A malicious npm package named “@acitons/artifact” impersonates @actions/artifact, hijacks GitHub Actions tokens via postinstall scripts, and attempts to publish artifacts as GitHub showcasing a precise software supply chain attack.

TeamViewer DEX Vulnerabilities Expose Enterprise Endpoint Risks

Trust Wallet Chrome Extension Hack Exposes Browser Wallet Risk

LangChain Core Vulnerability Highlights Risks in AI Frameworks

China-Linked Actors Abuse DNS in Advanced Espionage Malware

Parrot OS 7.0 Focuses on Reliable Penetration Testing Workflows

Stealth Malware Loaders and AI-Assisted Attacks Reshape

yohanmanuja

Cisco firewall zero-days: CISA says patch & retire EOS hardware

“Bitcoin Queen” sentenced as UK recovers £5B in crypto

Sprout Rust UEFI bootloader lands with speed and clean policy

67K+ fake npm packages hit the registry—defend your pipelines

UK Unveils Cyber Resilience Bill, Tougher Rules for NHS, Water

Apache OpenOffice 4.1.16 fixes remote content and CSV flaws

Google sues China-based Lighthouse smishing network

DanaBot Returns: Windows Campaign Resumes After Six-Month

GootLoader’s comeback: hidden filenames, ZIP-JS payloads

npm typosquat targets GitHub Actions to steal tokens and artifacts