Security News

Cybercriminals Target Ethereum Developers with Fake Hardhat npm Packages
2025-01-06 09:28

Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation's Hardhat tool in order to steal sensitive data from...

Malicious npm packages target Ethereum developers' private keys
2025-01-03 15:53

Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data. [...]

US charges suspected LockBit ransomware developer
2024-12-23 14:36

The US Department of Justice has unsealed charges against Rostislav Panev, 51, a dual Russian and Israeli national, suspected of being a developer for the LockBit ransomware group. Panev was...

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
2024-12-21 09:22

A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception...

Tackling software vulnerabilities with smarter developer strategies
2024-12-13 05:00

In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can address vulnerabilities in...

Cloudflare’s developer domains increasingly abused by threat actors
2024-12-03 21:00

Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other...

How Intel is making open source accessible to all developers
2024-11-14 05:30

In this Help Net Security interview, Arun Gupta, Vice President and General Manager for Open Ecosystem, Intel, discusses the company’s commitment to fostering an open ecosystem as a cornerstone of...

GoIssue phishing tool targets GitHub developer credentials
2024-11-13 13:36

Researchers discovered GoIssue, a new phishing tool targeting GitHub users, designed to extract email addresses from public profiles and launch mass email attacks. Marketed on a cybercrime forum,...

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns
2024-11-12 14:00

Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed...

Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
2024-11-07 09:07

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating...