supply chain compromise
![backdoor](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/02170809/backdoor-2-1500-400x200.webp)
Compromised plugins found on WordPress.org
An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them …
![malware](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/25121759/malware-computer-1-1500-400x200.webp)
Compromised courtroom recording software was served from vendor’s official site
Courtroom recording software JAVS Viewer has been saddled with loader malware and has been served from the developer’s site since at least April 2, a threat researcher …
![backdoor](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/02170809/backdoor-2-1500-400x200.webp)
XZ Utils backdoor: Detection tools, scripts, rules
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? …
![Linux alert](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/29183422/linux-alert-1500-2-400x200.webp)
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
UPDATE: April 9, 09:23 AM ET Two stories have been published since this initial release: Which Linux distros are affected and what can you do? XZ Utils backdoor: Detection …
![chain](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/13152653/chain1-400x200.jpg)
Organizations prefer a combination of AI and human analysts to monitor their digital supply chain
The number of cyber breaches targeting organizations’ supply chains continues to rise, with an average 4.16 breaches reported to be negatively impacting operations this …
![North Korea](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/21143809/north_korea-400x200.jpg)
North Korean hackers are targeting software developers and impersonating IT workers
State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies …
![Retool](https://img.helpnetsecurity.com/wp-content/uploads/2023/09/14165340/retool2-400x200.jpg)
Attackers hit software firm Retool to get to crypto companies and assets
Retool, the company behind the popular development platform for building internal business software, has suffered a breach that allowed attackers to access and take over …
![lock](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/07131850/lock-texture-400x200.jpg)
Exploring the macro shifts in enterprise security
The number of successful ransomware attacks and data breach attempts fell by 30% over the last year, the number of reported security incident types at organizations increased, …
![puzzle](https://img.helpnetsecurity.com/wp-content/uploads/2019/07/09093834/puzzle-400x200.jpg)
3CX breach linked to previous supply chain compromise
Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now …
![3CX](https://img.helpnetsecurity.com/wp-content/uploads/2023/03/30122613/3cx-trojanized-app-1000-400x200.jpg)
3CX compromise: More details about the breach, new PWA app released
3CX has released an interim report about Mandiant’s findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting …
![3CX](https://img.helpnetsecurity.com/wp-content/uploads/2023/04/03150300/3cx-1600-400x200.jpg)
3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …
![3CX](https://img.helpnetsecurity.com/wp-content/uploads/2023/03/30122613/3cx-trojanized-app-1000-400x200.jpg)
3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …