SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

Tempo® Communications Launches EML250-ID Marker Locator / OmniMarker-ID Markers for ...

The EML250-ID and OmniMarker-ID transform underground utility management into a data-driven system that can write, ...
The Hacker News

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

As DHS shutdown lags, Senate greenlights $70B for ICE, Border Patrol

By the end of March, the Homeland Security shutdown became the longest in American history, surpassing a record set last year ...

Firefox 150 turns its PDF viewer into a real PDF editor

Firefox 150 adds page reordering, exporting, and image saving to its built-in PDF viewer, plus split-view improvements and ...

Copper mine opponents file new lawsuit to block Oak Flat project

Apache Stronghold and its allies allege that federal officials admitted a proposed copper mine would destroy Oak Flat.
Cybernews

750,000 DNN websites in danger: a simple SVG upload can lead to complete compromise

A severe cross-site-scripting (XSS) vulnerability in DNN, a popular open-source content management platform, allows attackers ...
SecurityWeek

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA has added eight more vulnerabilities to the KEV catalog, including Cisco, Kentico, and Zimbra flaws not previously ...
Homeland Security Today

Supply Chain Compromise Impacts Axios Node Package Manager , CISA Alert Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...