Security News

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99
2025-01-15 15:37

The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to...

Time for a change: Elevating developers’ security skills
2025-01-13 04:00

Organizations don’t know their software engineers’ security skills because they don’t assess them in the interview process. Trying to do that in an interview is challenging, of course, given the...

Cybercriminals Target Ethereum Developers with Fake Hardhat npm Packages
2025-01-06 09:28

Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation's Hardhat tool in order to steal sensitive data from...

Malicious npm packages target Ethereum developers' private keys
2025-01-03 15:53

Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data. [...]

US charges suspected LockBit ransomware developer
2024-12-23 14:36

The US Department of Justice has unsealed charges against Rostislav Panev, 51, a dual Russian and Israeli national, suspected of being a developer for the LockBit ransomware group. Panev was...

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
2024-12-21 09:22

A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception...

Tackling software vulnerabilities with smarter developer strategies
2024-12-13 05:00

In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can address vulnerabilities in...

Cloudflare’s developer domains increasingly abused by threat actors
2024-12-03 21:00

Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other...

How Intel is making open source accessible to all developers
2024-11-14 05:30

In this Help Net Security interview, Arun Gupta, Vice President and General Manager for Open Ecosystem, Intel, discusses the company’s commitment to fostering an open ecosystem as a cornerstone of...

GoIssue phishing tool targets GitHub developer credentials
2024-11-13 13:36

Researchers discovered GoIssue, a new phishing tool targeting GitHub users, designed to extract email addresses from public profiles and launch mass email attacks. Marketed on a cybercrime forum,...