Articles

  • 1 week ago | darkreading.com | Jai Vijayan

    A threat actor is targeting organizations in Taiwan in a sophisticated and evolving campaign to steal data for likely use in future attacks. The attackers are delivering malware through phishing emails impersonating Taiwan’s National Taxation Bureau and other government entities, using themes related to taxes, pensions, and public services. Convincing Phishing LuresThe emails contain a malicious zip file that launches a multistage infection chain when opened.

  • 1 week ago | darkreading.com | Jai Vijayan

    A malicious package recently uploaded to the Python Package Index (PyPI) is the latest manifestation of the growing sophistication of software supply chain threats. Security researchers at JFrog recently discovered the multistage attack malware, "chimera-sandbox-extensions," lurking on the repository and have surmised it was most likely targeting organizations using chimera-sandbox for developing and testing code for artificial intelligence.

  • 2 weeks ago | darkreading.com | Jai Vijayan

    A server memory leak that allowed security researchers to quietly snoop on the recently disrupted DanaBot Russian malware-as-a-service (MaaS) operation for nearly three years has once again shown how much threat actors can sometimes give away when their own security slips.

  • 2 weeks ago | darkreading.com | Jai Vijayan

    The threat associated with a critical decade-old remote code execution vulnerability in Roundcube webmail has increased sharply in recent days, with proof-of-concept (PoC) code for the bug becoming readily available to threat actors. The bug, identified as CVE-2025-49113, has a near maximum CVSS severity score of 9.9 and affects Roundcube versions 1.1.0 through 1.6.10, including several default configurations.

  • 2 weeks ago | threatbeat.com | Jai Vijayan

    Skip to content NEW Security news and analysis brought to you by the McCrary Institute | READ MORE → By Jai Vijayan • Jun 10, 2025 A newly uncovered cyber campaign by an advanced persistent threat (APT) group known as “Librarian Ghouls” is targeting organizations in Russia with stealthy nighttime attacks to steal sensitive data and deploy cryptocurrency miners on victim systems.

Contact details

Socials & Sites

Try JournoFinder For Free

Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.

Start Your 7-Day Free Trial →

X (formerly Twitter)

Followers
5K
Tweets
1K
DMs Open
No
Jaikumar Vijayan
Jaikumar Vijayan @jaivijayan
9 Jun 23

https://t.co/ndeIsPFBlj

Jaikumar Vijayan
Jaikumar Vijayan @jaivijayan
4 Oct 22

https://t.co/yS6xXo76XP

Jaikumar Vijayan
Jaikumar Vijayan @jaivijayan
16 Sep 22

https://t.co/L872zmf0VV