Innovation
Strapi's deceptive npm packages run when installing
Recently, security researchers discovered a campaign that introduced malicious packages into the npm record posing as supplements to Strapi, the popular CMS of Node.js. The trap w…
Category of intelligence
Innovation
News on technological advances, startups and new trends
Innovation
The campaign that hacked Axios exposes the fragility of software supply chains
This week the development community of Node.js had to fit in an uncomfortable reminder: the supply chains of the software are as fragile as the people who maintain them. Popular H…
Innovation
When a false download spies on you: the WhatsApp case and the corporate surveillance boom
WhatsApp has detected a campaign in which about 200 users were induced to install in their iPhones a false version of the app that was infected with spyware. Most of the people af…
Innovation
The IA that talks to you between innovation and responsibility
We live in a time when talking to a machine no longer seems like a science fiction thing; it's the new normality. Large language models - the systems that feed assistants, chatbot…
Innovation
Legitimate sessions, real intrusions: the new risk map in the Zero Trust era
Perimetral security has long ceased to be the only barrier between our companies and the attackers, but what is changing with force is the way these actors get in: they no longer …
Innovation
Google Play imposes developer verification: the real identity to stop malicious apps
Google has started officially deploying the verification of developers on Google Play, a measure designed to reduce the proliferation of malicious applications and those that are …
Innovation
The Uranium Finance hack shows that a simple code failure can steal millions and activate legal action in the critical world
In April 2021, a vulnerability in the code of a small decentralized exchange ended with over $50 million in digital assets disappearing within minutes. Now, almost four years late…
Innovation
DeepLoad: the charger hidden in Windows that steals credentials and evades detection
In recent months a campaign has emerged that combines ingenious social engineering with advanced stealth techniques to spread a new malware charger named DeepLoad. What makes it p…
Innovation
Agenic SOC From the promise of the IA to real results How to evaluate, measure and govern their impact on your SOC
The market for the so-called Agenic SOC - or IA agents for security operations centres - is in the middle of a boil. Over the past 18 months, dozens of initiatives have emerged th…