Security Boulevard

Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...
CSO Online

Bitwarden CLI password manager trojanized in supply chain attack

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Cybercriminals are tricking AI into leaking your data, executing code, and sending you to malicious sites. Here's how.
Infosecurity Magazine

Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

Security researchers have discovered 10 new indirect prompt injection (IPI) payloads targeting AI agents with malicious ...
CoinDesk

The Protocol: Kelp DAO exploited for $292 million

Crypto bridge hacks like the $292 million Kelp DAO exploit keep happening because bridges rely on trusted intermediaries and ...
SecurityWeek

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers used AppleScript and ClickFix in recent attacks targeting macOS systems at financial organizations.
CoinDesk

Arbitrum freezes $71 million in ether tied to Kelp DAO exploit

The layer-2 network's security council moved 30,766 ETH to a frozen intermediary wallet, accessible only via further ...
Business Day

CAC hack exposes 15m company documents, undermining Nigeria’s anti-money laundering reforms

Hackers have stolen and leaked more than 15 million sensitive company documents from Nigeria’s Corporate Affairs Commission ...
Business Day

CAC hack puts 15m company documents at risk

Hackers have stolen and leaked more than 15 million sensitive company documents from Nigeria’s Corporate Affairs Commission ...

U.S. Attacks Iranian Cargo Ship While Preparing for New Round of Talks

Vice President JD Vance will again lead the U.S. delegation for talks mediated by Pakistan, a White House official said.
The Hacker News

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.

Production Of AH-64 Apache’s New Counter-Drone Cannon Shell Ammunition Ramping-Up

Bottom line: The U.S. Army is significantly increasing production of XM1225 APEX rounds for AH-64 Apaches to enhance their ...