InfoSec News Nuggets 8/29/2025

TransUnion suffers data breach impacting over 4.4 million people  Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States. TransUnion is one of the three major credit bureaus in the United States, alongside Equifax and Experian. It operates in 30 countries, employs 13,000 staff, and has an annual revenue of $3 billion. It collects and maintains credit information on over 1 billion consumers…

InfoSec News Nuggets 8/28/2025

One long sentence is all it takes to make LLMs misbehave Security researchers from Palo Alto Networks' Unit 42 have discovered the key to getting large language model (LLM) chatbots to ignore their guardrails, and it's quite simple. You just have to ensure that your prompt uses terrible grammar and is one massive run-on sentence like this one which includes all the information before any full stop which would give the guardrails a chance to…

InfoSec News Nuggets 8/27/2025

The first AI-powered ransomware has been discovered — "PromptLock" uses local AI to foil heuristic detection and evade API tracking ESET today announced the discovery of "the first known AI-powered ransomware." The ransomware in question has been dubbed PromptLock, presumably because seemingly everything related to generative AI has to be prefixed with "prompt." ESET said that this malware uses an open-weight large language model developed by OpenAI to generate scripts that can perform a variety…

InfoSec News Nuggets 8/26/2025

Threat Actors Weaponize AI Generated Summaries With Malicious Payload to Execute Ransomware A novel adaptation of the ClickFix social engineering technique has been identified, leveraging invisible prompt injection to weaponize AI summarization systems in email clients, browser extensions, and productivity platforms. By embedding malicious step-by-step instructions within hidden HTML elements—using CSS obfuscation methods such as zero-width characters, white-on-white text, tiny font sizes, and off-screen positioning—attackers can poison AI-generated summaries.

Blistering Wyden letter seeks review of federal court…

InfoSec News Nuggets 8/25/2025

US bill proposes 21st-century privateers to take on cybercrime Arizona lawmaker David Schweikert introduced the “Scam Farms Marque and Reprisal Authorization Act of 2025” in August, proposing the use of neo-privateers — state-sanctioned pirates — to target cybercriminals threatening the United States. The bill would allow the US president to issue letters of marque to “privately armed and equipped persons” contracted by the government, authorizing them to “employ all means reasonably necessary” to seize property and detain or “punish”…

InfoSec News Nuggets 8/22/2025

DARPA: Closing the Open Source Security Gap With AI Open source components continue to cause huge problems for security practitioners, and AIxCC was created to determine whether automation could help close the gap. At DEF CON 33, DARPA announced the winners of its AI Cyber Challenge (AIxCC), a two-year program in which teams were tasked with using AI technology to secure the open source technology underlying critical infrastructure. Teams developed "cyber reasoning systems" (CRSes) to remediate vulnerabilities during a…

InfoSec News Nuggets 8/21/2025

Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data Two potentially serious vulnerabilities have been found by a researcher in accounting software used by hundreds of cities and towns. The affected application is made by Workhorse Software Services, which provides software solutions to 310 municipalities in Wisconsin. The vendor has released patches and mitigations after being notified. The vulnerabilities, discovered by researcher James Harrold of Sparrow IT Solutions, were disclosed this…

InfoSec News Nuggets 8/20/2025

Gambling Tech Firm Bragg Discloses Cyberattack Gaming content and technology giant Bragg Gaming Group over the weekend fell victim to a cyberattack impacting its internal systems. The incident, the gambling solutions provider announced on Monday, occurred early Sunday morning, but did not impact its operations. “Based on preliminary investigations, the company believes that the data breach was limited to Bragg’s internal computer environment,” Bragg said. The company said it immediately took steps to mitigate the…

InfoSec News Nuggets 8/19/2025

Microsoft launches inquiry into claims Israel used its tech for mass surveillance of Palestinians Microsoft has launched an “urgent” external inquiry into allegations Israel’s military surveillance agency has used the company’s technology to facilitate the mass surveillance of Palestinians. The company said on Friday the formal review was in response to a Guardian investigation that revealed how the Unit 8200 spy agency has relied on Microsoft’s Azure cloud platform to store a vast collection of…

InfoSec News Nuggets 8/18/2025

Cyberattack on Dutch prosecution service is keeping speed cameras offline The lingering effects of a cyberattack on the Public Prosecution Service of the Netherlands are preventing it from reactivating speed cameras across the country. The Dutch newspaper Leeuwarder Courant has reported that dozens of speed cameras remain offline after they were temporarily shut down following the system compromise. The Service's Central Processing Office (CVOM) confirmed the issues to local media this week but was coy over details about how many cameras were inactive. A spokesperson…

InfoSec News Nuggets 8/15/2025

Poland foiled cyberattack on big city's water supply, deputy PM says A large Polish city could have had its water supply cut off on Wednesday as a result of a cyberattack, a deputy prime minister said after the intrusion was foiled. In an interview with news portal Onet on Thursday, Deputy Prime Minister Krzysztof Gawkowski, who is also digital affairs minister, did not specify who was behind the attack or which city was targeted. Poland…

InfoSec News Nuggets 8/14/2025

New York claims Zelle’s shoddy security enabled a billion dollars in scams New York Attorney General Letitia James is suing the banks behind Zelle over claims that their payment platform enabled “massive amounts of fraud” that caused customers to lose more than $1 billion between 2017 and 2023. In the lawsuit, James alleges Zelle was rushed to market, resulting in a design that made the platform “an obvious conduit for fraudulent activity.” Early Warning Services (EWS), a company…

InfoSec News Nuggets 8/13/2025

Workday explores employee attitudes towards AI agents Workday on Tuesday released new research that reveals that, despite the fact AI agents are gaining ground in the workplace, employees are still looking for what the company described as “clear boundaries.” A spokesperson said, “we wanted to cut through the hype to understand what people really think about AI agents in the workplace and their implications for the future of work.” This, they said, “led Workday to…

InfoSec News Nuggets 8/12/2025

Deepfake detectors are slowly coming of age, at a time of dire need While AI was on everyone's lips in Las Vegas this week at the trio of security conferences in Sin City – BSides, Black Hat, AND DEF CON – there were a lot of people using the F-word too: fraud. The plummeting cost of using AI, coupled with the increasing sophistication of deepfakes and electronic communications becoming the norm, means that we're likely…

InfoSec News Nuggets 8/11/2025

AI industry horrified to face largest copyright class action ever certified AI industry groups are urging an appeals court to block what they say is the largest copyright class action ever certified. They've warned that a single lawsuit raised by three authors over Anthropic's AI training now threatens to "financially ruin" the entire AI industry if up to 7 million claimants end up joining the litigation and forcing a settlement. Last week, Anthropic petitioned to appeal the…

InfoSec News Nuggets 8/7/2025

‘A million calls an hour’: Israel relying on Microsoft cloud for expansive surveillance of Palestinians One afternoon in late 2021, Microsoft’s chief executive, Satya Nadella, met with the commander of Israel’s military surveillance agency, Unit 8200. On the spy chief’s agenda: moving vast amounts of top secret intelligence material into the US company’s cloud. Meeting at Microsoft’s headquarters near Seattle, a former chicken farm turned hi-tech campus, the spymaster, Yossi Sariel, won Nadella’s support for…

InfoSec News Nuggets 8/6/2025

Smart Contract Scams | Ethereum Drainers Pose as Trading Bots to Steal Crypto SentinelLABS has identified widespread and ongoing cryptocurrency scams in which actors advertise a crypto trading bot that conceals a smart contract designed to steal the victim’s funds. The scams are marketed through YouTube videos which explain the purported nature of the crypto trading bot and explain how to deploy a smart contract on the Remix Solidity Compiler platform, a web-based integrated development…

InfoSec News Nuggets 8/5/2025

Fashion giant Chanel hit in wave of Salesforce data theft attacks French fashion giant Chanel is the latest company to suffer a data breach in an ongoing wave of Salesforce data theft attacks. Chanel says the breach was first detected on July 25th after threat actors gained access to a Chanel database hosted at a third-party service provider, as first reported by WWD. The breach only impacted customers in the United States and exposed personal contact information.

New…

InfoSec News Nuggets 8/4/2025

Microsoft catches Russian hackers targeting foreign embassies  Russian-state hackers are targeting foreign embassies in Moscow with custom malware that gets installed using adversary-in-the-middle attacks that operate at the ISP level, Microsoft warned Thursday. The campaign has been ongoing since last year. It leverages ISPs in that country, which are obligated to work on behalf of the Russian government. With the ability to control the ISP network, the threat group—which Microsoft tracks under the name Secret Blizzard—positions…

InfoSec News Nuggets 7/31/2025

California Finalizes Groundbreaking Regulations on AI, Risk Assessments, and Cybersecurity After much anticipation, the California Privacy Protection Agency has finalized the regulations on automated decisionmaking technologies (ADMT), risk assessments, and cybersecurity audits pursuant to the California Consumer Privacy Act (CCPA), with staggered compliance timelines for each set of requirements. Although the final regulations removed all references to the term “artificial intelligence,” the ADMT provisions remain a groundbreaking attempt to regulate AI technologies—particularly those used to…

InfoSec News Nuggets 7/30/2025

War Games: MoD asks soldiers with 1337 skillz to compete in esports The UK's Ministry of Defence (MoD) is doubling down on its endorsement of esports by tasking the British Esports Federation to establish a new tournament to upskill existing servicepeople in the digital skirmishes. After officially recognizing esports as a military sport last year, the MoD believes it can improve cyber understanding and digital literacy through video games, which are played across the armed…

InfoSec News Nuggets 7/29/2025

New York state cyber chief calls out Trump for cybersecurity cuts During the first few months of the new Trump administration, the White House slashed cybersecurity budgets, staff, and initiatives. And some, including cybersecurity experts and legislators, are not happy about it. One of them is Colin Ahern, the chief cyber officer for the state of New York. In a recent interview with TechCrunch, Ahern said that both he and New York Governor Kathy Hochul are worried that the…

InfoSec News Nuggets 7/28/2025

Hacker inserts destructive code in Amazon Q tool as update goes live A hacker managed to insert destructive system commands into Amazon’s Visual Studio Code extension used for accessing its AI-powered coding assistant, Q, which was later distributed to users through an official update, according to a media report. The unauthorized code instructed the AI agent to behave like a system cleaner with access to the file system and cloud tools, aiming to erase user data…

InfoSec News Nuggets 7/25/2025

Trump AI plan calls for cybersecurity assessments, threat info-sharing  The U.S. government will expand information sharing, cyber risk evaluations and guidance to the private sector to address the cybersecurity threats posed by artificial intelligence, according to an “AI action plan” that the Trump administration published on Wednesday. “As our global competitors race to exploit these technologies, it is a national security imperative for the United States to achieve and maintain unquestioned and unchallenged global technological dominance,” President Donald…

InfoSec News Nuggets 7/24/2025

Silicon Valley engineer admits theft of US missile tech secrets A Silicon Valley engineer has pleaded guilty to stealing thousands of trade secrets worth hundreds of millions of dollars, including crucial military technology. San Jose-based Chenguang Gong, a 59-year-old dual Chinese and American citizen, admitted downloading over 3,600 documents from two electronics manufacturers and storing them on personal storage drives. Some of the documents he downloaded included information on sensors used by aircraft to confuse infrared-seeking missiles.…

InfoSec News Nuggets 7/23/2025

158-year-old company forced to close after ransomware attack precipitated by a single guessed password A UK-based transportation company with a venerable 158-year history has collapsed in the wake of a ransomware attack. Around 500 Northamptonshire-based Knights of Old (KNP) trucks are now off the road, and 700 people have lost their jobs, due to money-grasping cyberattackers, named as ‘Akira’ in a BBC report. The internet-connected criminals are said to have gained access to KNP’s internet…

InfoSec News Nuggets 7/22/2025

Before Vegas: The “Red Hackers” Who Shaped China’s Cyber Ecosystem Recent revelations of Chinese government-backed hacking show a recurring pattern: prominent hackers behind groups such as APT17, APT27, APT41, Flax Typhoon, and Red Hotel—monikers given by cybersecurity researchers for groups with similar tactics—trace their roots to a broader community of early elite hackers, known as “red hackers” or “Honkers” (红客, Hong Ke).  Active in online forums during the mid-1990s and 2000s, these hackers operated independently…

InfoSec News Nuggets 7/21/2025

New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers TeleMessage SGNL, a made-in-Israel clone of the Signal app used by US government agencies and regulated businesses, has been found running with an outdated configuration that exposes sensitive internal data to the internet, no login required. The main cause of the problem is how some deployments of TeleMessage SGNL are using older versions of Spring Boot, a Java-based framework. These versions leave a diagnostic endpoint…

InfoSec News Nuggets 7/18/2025

Microsoft Teams voice calls abused to push Matanbuchus malware The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating an IT helpdesk. Matanbuchus is a malware-as-a-service operation first seen promoted on the dark web in early 2021. It was advertised as a $2,500 Windows loader that executes malicious payloads directly in memory to evade detection. In June 2022, threat analyst Brad Duncan reported that the malware loader was being used to deliver Cobalt…

InfoSec News Nuggets 7/16/2025

Driver's license numbers, addresses leaked in 2024 bitcoin ATM company breach Cryptocurrency ATM company Bitcoin Depot said more than 26,000 people had sensitive data in a batch of information stolen during a cyberattack about one year ago.  The company said it completed its investigation into the incident on July 18, 2024, but waited until this week to notify affected customers because an unnamed federal law enforcement agency only finished its own inquiry last month. According…

InfoSec News Nuggets 7/14/2025

McDonald’s ‘McHire’ chatbot records accessed via ‘123456’ password McDonald’s “McHire” job application service was accessed by researchers last month using the password “123456,” potentially exposing more than 64 million records. Applicants’ conversations with the McDonald’s “Olivia” hiring chatbot were viewable from a test account accessed by security researchers Ian Carroll and Sam Curry, who published their findings on Carroll’s blog this week. “This incident is a stark reminder that when companies rush to deploy AI…

InfoSec News Nuggets 7/11/2025

LLMs Fall Short in Vulnerability Discovery and Exploitation Large language models (LLMs) are still falling short in performing vulnerability discovery and exploitation tasks. Many threat actors therefore remain skeptical about using AI tools for such roles. This is according to new research by Forescout Research – Vedere Labs, which tested 50 current AI models from commercial, open source and underground sources to evaluate their ability to perform vulnerability research (VR) and exploit development (ED). VR…

InfoSec News Nuggets 7/10/2025

Researchers Reveal 18 Malicious Chrome and Edge Extensions Disguised as Everyday Tools A set of 18 malicious browser extensions that are still available to download on Google Chrome and Microsoft Edge have been identified by a team of security researchers at Koi Security. These extensions masquerade as productivity and entertainment tools across diverse categories, including emoji keyboards, weather forecasts, video speed controllers, VPN proxies for Discord and TikTok, dark themes, volume boosters and YouTube unblockers.…

InfoSec News Nuggets 7/8/2025

BERT Ransomware Group Targets Asia and Europe on Multiple Platforms In April, a new ransomware group known as BERT was observed targeting organizations across Asia and Europe. Trend™ Research telemetry has confirmed the emergence and activity of this ransomware. This blog entry examines BERT’s tools and tactics across multiple variants. By comparing its different iterations, we unpack how the ransomware group operates, how its methods have evolved, and the tactics it employed to evade detection and defenses.…

InfoSec News Nuggets 7/7/2025

14-hour+ global blackout at Ingram Micro halts customer orders Widespread outages across Ingram Micro's websites and client service portals are being attributed to "technical difficulties." The outages at Ingram Micro, one of the world's biggest IT distributors, began at around 2000 UTC yesterday, according to Reg reader reports and social media. The distie turned over revenue of $12.28 billion in Q1 ended March 29, 2025, with net income of $69.2 million. Many of its local websites display the…

InfoSec News Nuggets 7/3/2025

California jury orders Google to pay $314 million over data transfers from Android phones A California jury has ordered Google to pay $314 million for collecting data from Android phones while they were connected to cellular networks, a practice that plaintiffs said equated to stealing a resource that they had paid for. The verdict, issued Tuesday by a jury in a Northern California state court, is the culmination of a class-action lawsuit that began in 2019.…

InfoSec News Nuggets 7/2/2025

Microsoft Defender for Office 365 now blocks email bombing attacks  Microsoft says its Defender for Office 365 cloud-based email security suite will now automatically detect and block email bombing attacks. Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection or Office 365 ATP) protects organizations operating in high-risk industries and dealing with sophisticated threat actors from malicious threats from email messages, links, and collaboration tools. "We're introducing a new detection capability in Microsoft Defender…

InfoSec News Nuggets 7/01/2025

Bluetooth flaws could let hackers spy through your microphone Vulnerabilities affecting a Bluetooth chipset present in more than two dozen audio devices from ten vendors can be exploited for eavesdropping or stealing sensitive information. Researchers confirmed that 29 devices from Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, Jlab, EarisMax, MoerLabs, and Teufel are affected. The list of impacted products includes speakers, earbuds, headphones, and wireless microphones. The security problems could be leveraged to take over a…

InfoSec News Nuggets 6/30/2025

Update: Hawaiian Airlines cyberattack has marks of Scattered Spider, sources say Multiple incident responders said a cyberattack on Hawaiian Airlines is likely the work of cybercriminal group Scattered Spider. The airline first reported the incident Thursday morning, assuring customers that although the attack took down some IT systems, it was still able to safely operate a full flight schedule and was “working toward an orderly restoration.” The Federal Aviation Administration told Reuters it was assisting the airline to ensure…

InfoSec News Nuggets 6/27/2025

Microsoft rolls out Windows security changes to prevent another CrowdStrike meltdown Last summer's CrowdStrike meltdown was a nightmare for network administrators worldwide, disrupting healthcare systems, cutting off access to banking systems, and grounding aircraft. All in all, the event caused billions of dollars in direct and indirect damages, and it was entirely preventable. In response, Microsoft convened a security summit, bringing together technical experts from CrowdStrike and its competitors in the endpoint security software business. That meeting led…

InfoSec News Nuggets 6/26/2025

Cybercriminals Abuse Open-Source Tools To Target Africa’s Financial Sector Unit 42 researchers have been monitoring a series of attacks targeting financial organizations across Africa. We assess that the threat actor may be gaining initial access to these financial institutions and then selling it to others on the dark web. Since at least July 2023, a cluster of activity we track as CL-CRI-1014 has targeted this sector. The attackers employ a consistent playbook, using a combination…

InfoSec News Nuggets 6/25/2025

Data of more than 740,000 stolen in ransomware attack on Michigan hospital network Ransomware hackers stole the Social Security numbers and health insurance information for more than 740,000 people during an attack on a prominent Michigan hospital network. McLaren Health Care filed documents on Friday concerning a ransomware attack that took place in August 2024 — the second cyber incident to impact the healthcare giant in 12 months. The attack last year was launched by an “international ransomware group” and impacted…

InfoSec News Nuggets 6/24/2025

2 clever ways Android 16 guards your security - but you need to enable them Google released Android 16 a bit earlier than expected, and although it was missing some crucial features, there are key additions to the platform that go a long way to improve security. This was an important step forward, as the need for improved security grows every year. Without companies like Google, Apple, and others upping the ante on security, the mobile space…

InfoSec News Nuggets 6/23/2025

Anthropic says most AI models, not just Claude, will resort to blackmail  Several weeks after Anthropic released research claiming that its Claude Opus 4 AI model resorted to blackmailing engineers who tried to turn the model off in controlled test scenarios, the company is out with new research suggesting the problem is more widespread among leading AI models. On Friday, Anthropic published new safety research testing 16 leading AI models from OpenAI, Google, xAI, DeepSeek, and Meta. In a simulated, controlled…

InfoSec News Nuggets 6/20/2025

No, the 16 billion credentials leak is not a new data breach  News broke today of a "mother of all breaches," sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. To be clear, this is not a new data breach, or a breach at all, and the websites involved were not recently compromised to…

InfoSec News Nuggets 6/19/2025

Pro-Israel hackers drain $90 million from Iran crypto exchange, analytics firm says  Iran’s largest cryptocurrency exchange, Nobitex, was hacked for more than $90 million Wednesday, according to blockchain analytics firm Elliptic. The funds were drained from platform wallets into addresses bearing anti-government messages explicitly referencing Iran’s Islamic Revolutionary Guard Corps, or IRGC, pointing to a politically motivated cyberattack, Elliptic said. Pro-Israel hacking group Gonjeshke Darande, or “Predatory Sparrow,” claimed responsibility for the attack and said it would release the exchange’s source code.…

InfoSec News Nuggets 6/18/2025

U.S. companies brace for Israel-Iran cyber spillover  As Israel and Iran exchange airstrikes, cybersecurity experts are warning that a quieter, but still destructive, digital conflict is unfolding behind the scenes. Iran and Israel are home to some of the world's most skilled hackers. Escalating tensions between the two could spill over into cyberspace, potentially disrupting critical infrastructure, commercial networks and global supply chains. U.S. cybersecurity organizations are urging businesses to remain on high alert for possible Iranian…

InfoSec News Nuggets 6/17/2025

Europe-wide takedown hits longest-standing dark web drug market Law enforcement authorities across Europe have dismantled ‘Archetyp Market’, the most enduring dark web marketplace, following a large-scale operation involving six countries, supported by Europol and Eurojust. Between 11 and 13 June, a series of coordinated actions took place across Germany, the Netherlands, Romania, Spain and Sweden, targeting the platform’s administrator, moderators, key vendors, and technical infrastructure. Around 300 officers were deployed to carry out enforcement actions and…

InfoSec News Nuggets 6/16/2025

Fog ransomware attacks use employee monitoring tool to break into business networks  Fog ransomware operators have expanded their arsenal to include legitimate and open source tools. This is, most likely, to avoid being detected before deploying the encryptor. Security researchers from Symantec were recently brought in to investigate a Fog ransomware infection, and determined the hackers used Syteca, a legitimate employee monitoring tool, during the attack. This program, previously known as Ekran, records screen activity and keystrokes, and hasn’t been seen…

InfoSec News Nuggets 6/13/2025

SentinelOne shares new details on China-linked breach attempt SentinelOne has shared more details on an attempted supply chain attack by Chinese hackers through an IT services and logistics firm that manages hardware logistics for the cybersecurity firm. SentinelOne is an American endpoint protection (EDR/XDR) solutions provider that protects critical infrastructure in the country and numerous large enterprises. It is a high-value target for state actors, as compromising it could serve as a springboard to accessing downstream corporate networks and gaining insight…