attackers

Attackers hijack UK NHS email accounts to steal Microsoft logins

by

[ad_1] For about half a year, work email accounts belonging to more than 100 NHS employees in the UK were used in various phishing campaigns, some aiming to steal Microsoft logins. . Attackers began using legitimate NHS email accounts in October last year after hijacking them and continued to use them in phishing activities until … Read more

NPM flaw allows attackers to add anyone as a maintainer of malicious packages

by

[ad_1] A “logic flaw” in the npm registry allowed the authors of malicious packages to silently add anyone and any number of users as “maintainers” of their packages in an attempt to increase trust in their packages. The GitHub-owned repository of NodeJS components has now fixed the flaw after cloud-native security company Aqua responsibly reported … Read more

💬