Cyber Security – Page 27 – Simply Secure Group

Malicious npm Packages Posing as Solara Executor Target Discord, Browsers, and Crypto Wallets

Malicious npm Packages Target Discord Crypto Wallets JFrog security researchers Guy Korolevski and Meitar Palas uncovered a sophisticated supply chain attack on the npm ecosystem on March 12, 2026, in which threat actors disguised an information-stealing malware as a legitimate Roblox script executor. The campaign, self-named Cipher stealer, used two malicious packages bluelite-bot-manager and test-logsmodule-v-zisko, to deliver a […]

GlassWorm Campaign Uses 72 Malicious Open VSX Extensions to Broaden Reach

GlassWorm 72 Malicious Open VSX Extensions In a major escalation of supply chain attacks, the GlassWorm malware campaign has evolved to infect developer environments using transitive dependencies. On March 13, 2026, the Socket Research Team reported identifying at least 72 new malicious Open VSX extensions linked to this campaign. Instead of placing the malicious payload […]

Critical LangSmith Account Takeover Vulnerability Puts Users at Risk

Critical LangSmith Account Takeover Vulnerability Miggo Security researchers have identified a critical vulnerability in LangSmith, tracked as CVE-2026-25750, that exposes users to potential token theft and complete account takeover. As a central hub for debugging and monitoring large language model data, LangSmith processes billions of events daily, making this a high-stakes security flaw for enterprise […]

Loblaw Data Breach Hackers Accessed IT Network and Customer Information

Loblaw Data Breach Canada’s largest food and pharmacy retailer has announced an ongoing investigation into a recent corporate data breach.On March 10, 2026, the company notified its customers that unauthorized threat actors successfully infiltrated a segment of its IT network. The security incident was discovered after Loblaw detected suspicious activity within its infrastructure. According to […]

Authorities Dismantle Malicious Proxy Service Used to Deploy Malware Attacking Thousands of Users

Authorities Dismantle Malicious Proxy Service An international law enforcement operation led by the U.S. Justice Department has successfully dismantled SocksEscort, a massive residential proxy network. The malicious service compromised thousands of home and small business routers worldwide, enabling cybercriminals to mask their identities while executing large-scale financial fraud. The coordinated takedown resulted in the seizure […]

Chrome Zero-Day Vulnerabilities Actively Exploited in the Wild to Execute Malicious Code

Google has released an urgent security update for its Chrome browser after confirming that two high-severity zero-day vulnerabilities are being actively exploited in the wild. The stable channel has been updated to version 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75 for Linux, with the rollout expected to reach users over the coming days and weeks. […]

Attackers Hijack Microsoft 365 Accounts Through OAuth Device Code Abuse Without Stealing Passwords

Exposing OAuth Device Code Phishing in Microsoft Analysts at ANY.RUN has identified a sharp spike in phishing campaigns exploiting Microsoft’s OAuth Device Authorization Grant flow, with more than 180 malicious URLs detected within a single week. Unlike conventional credential harvesting, this technique routes victims through legitimate Microsoft authentication pages, making it substantially harder for security […]

Critical MediaTek Vulnerability Lets Attackers Steal Android Phone PINs in 45 Seconds

A critical vulnerability in the MediaTek Dimensity 7300 chipset allows a physical attacker to extract device PINs, decrypt on-device storage, and steal cryptocurrency wallet seed phrases in approximately 45 seconds, raising serious alarms for the roughly 25% of Android users whose devices rely on the affected chip. The vulnerability uncovered by Ledger’s Donjon security research […]

GitLab Security Update Patch for XSS and API DoS Vulnerabilities

GitLab Security Update Patch XSS and API DoS Vulnerabilities GitLab has released urgent security updates for its Community Edition (CE) and Enterprise Edition (EE) to address a wide range of vulnerabilities. The newly released versions 18.9.2, 18.8.6, and 18.7.6 fix a total of 15 security issues, including critical Cross-Site Scripting (XSS) and Denial-of-Service (DoS) flaws. […]

Stryker Cyber Attack Hackers Claim System Breach and Device Wipe

Stryker Cyber Attack On March 11, 2026, global medical technology giant Stryker suffered a devastating cyberattack when Iranian-linked hackers deployed wiper malware to permanently erase data across its network. The breach severely impacted operations at its Cork headquarters and compromised devices worldwide, prompting immediate investigations by internal cybersecurity teams and Microsoft engineers. A massive cyberattack […]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.