Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat actors have published a set of 26 malicious packages to the npm registry.
The packages masquerade as developer tools, but contain functionality to extract the actual command-and-control (C2) by using seemingly harmless Pastebin content as a dead drop resolver and
Shutdown Stalls Compliance Plans for Cyber Breach Reporting Rule
Cassandre Coyer reports: A partial government shutdown threatens to further derail a key federal cybersecurity agency’s incident reporting rule—and delay answers that companies need to
