Tech News
General news about the tech industry, trends, and major events.
Supply chain attack hits npm package with 45,000 weekly downloads
An npm package named ‘rand-user-agent’ has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user’s system. The ‘rand-user-agent‘ package is a tool that generates randomized user-agent strings, which is helpful in web scraping, automated testing, and security research. Although the package has been […]
Malicious PyPi package hides RAT malware, targets Discord devs since 2022
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. Named “discordpydebug,” the package was masquerading as an error logger utility for developers working on Discord bots and was downloaded over 11,000 times since it was uploaded on March 21, 2022, even […]
Kickidler employee monitoring software abused in ransomware attacks
Ransomware operations are using legitimate Kickidler employee monitoring software for reconnaissance, tracking their victims’ activity, and harvesting credentials after breaching their networks. In attacks observed by cybersecurity companies Varonis and Synacktiv, Qilin and Hunters International ransomware affiliates installed Kickidler, an employee monitoring tool that can capture keystrokes, take screenshots, and create videos of the screen. Kickidler’s developer says the tool […]
VC giant Insight Partners confirms investor data stolen in breach
Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. Insight Partners is a prominent global venture capital and private equity firm specializing in high-growth technology, software, and internet companies, managing over $90 billion in regulatory assets. The company has significant investments in […]
Google links new LostKeys data theft malware to Russian cyberspies
Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. In December, the United Kingdom and Five Eyes allies linked ColdRiver to Russia’s Federal Security Service (FSB), the country’s counterintelligence and internal security service. […]
SonicWall urges admins to patch VPN flaw exploited in attacks
SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks. Discovered and reported by Rapid7 cybersecurity researcher Ryan Emmons, the three security flaws (CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821) can be chained by attackers to gain remote code execution as root and compromise […]
LockBit ransomware gang hacked, victim negotiations exposed
The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump. All of the ransomware gang’s admin panels now state. “Don’t do crime CRIME IS BAD xoxo from Prague,” with a link to download a “paneldb_dump.zip.” As first spotted by the threat […]
PowerSchool hacker now extorting individual school districts
PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to release the previously stolen student and teacher data if a ransom is not paid. “PowerSchool is aware that a threat actor has reached out to multiple school district customers in an attempt to extort them using data from the previously reported […]
CoGUI phishing platform sent 580 million emails to steal credentials
A new phishing kit named ‘CoGUI’ sent over 580 million emails to targets between January and April 2025, aiming to steal account credentials and payment data. The messages impersonate major brands like Amazon, Rakuten, PayPal, Apple, tax agencies, and banks. The activity culminated in January 2025, where 170 campaigns sent 172,000,000 phishing messages to targets, […]
Hackers exploit OttoKit WordPress plugin flaw to add admin accounts
Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. OttoKit (formerly SureTriggers) is a WordPress automation and integration plugin used in over 100,000 sites, allowing users to connect their websites to third-party services and automate workflows. Patchstack received a report about a […]