iot Archives - Security Pulse

Headlines

GootLoader’s comeback: hidden filenames, ZIP-JS payloads
4 hours ago4 hours ago
npm typosquat targets GitHub Actions to steal tokens and artifacts
4 hours ago4 hours ago
Rhadamanthys disruption derails credential-theft campaigns
4 hours ago4 hours ago
Windows admins: prioritize November zero-day and RCE
4 hours ago4 hours ago
Russia Adds 24-Hour SIM Cooling-Off After Roaming
4 hours ago4 hours ago
Zoom for Enterprise: close DLL path attacks, move to 6.3.10 today
17 hours ago17 hours ago

Malicious NuGet packages with delayed logic bombs threatening .NET apps and Siemens S7 PLCs

Malicious NuGet ‘Time Bombs’ Threaten .NET Pipelines—Act Now

yohanmanuja4 days ago4 days ago15 mins

A cluster of malicious NuGet packages plants delayed logic bombs that crash apps, corrupt databases, and disrupt Siemens S7 PLCs. Remove the dependencies, rebuild from clean mirrors, and test with date-manipulation harnesses. Lock down registries, verify publishers, and stream build/runtime logs off-box to detect abuse early.

GootLoader’s comeback: hidden filenames, ZIP-JS payloads

npm typosquat targets GitHub Actions to steal tokens and artifacts

Rhadamanthys disruption derails credential-theft campaigns

Windows admins: prioritize November zero-day and RCE

Russia Adds 24-Hour SIM Cooling-Off After Roaming

Zoom for Enterprise: close DLL path attacks, move to 6.3.10 today

Malicious NuGet ‘Time Bombs’ Threaten .NET Pipelines—Act Now