Security Boulevard

Payouts King Takes Aim at the Ransomware Throne

IntroductionIn February 2022, BlackBasta emerged as a successor to Conti ransomware and quickly rose to prominence. BlackBasta was operational for three years until February 2025 when their internal ...
Neowin

JavaScript devs beware: this very popular NPM package has been compromised by attackers

If you are a JavaScript developer, you’re likely familiar with Axios, the popular library with over 80 million weekly downloads. Developers use Axios to make network requests, handle form submissions, ...
Hosted on MSN

Understanding Caesar cipher in Python — encode and decode text easily

Curious how the Caesar Cipher works? This Python tutorial breaks it down in a simple, beginner-friendly way. Learn how to encode and decode messages using one of the oldest and most famous encryption ...
CSOonline

Typo hackers sneak cross-platform credential stealer into 10 npm packages

The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest credentials from browsers, SSH keys, API tokens, and cloud configuration ...
Developer Tech

Malware campaign on npm steals AWS, GCP, and Azure cloud keys

An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure. Open-source software (OSS) lets enterprise development teams innovate at pace, but ...
The Hacker News

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in ...
SiliconANGLE

Morphisec warns of Iran-backed ransomware campaign driven by political motives

A new report out today from endpoint security firm Morphisec Inc. reveals the resurgence of Pay2Key, a ransomware operation with ties to Iran’s Fox Kitten advanced persistent threat group, now ...