VS Code Marketplace Flaw Lets Attackers Reuse Deleted Extension Names, Researchers Warn Summary of the discovery Security researchers at ReversingLabs identified a loophole in the Visual Studio Code Marketplace that can be abused to republish extensions using the same names as previously removed packages. ReversingLabs reported the finding after it observed a malicious extension called…
VS Code Marketplace Flaw Lets Attackers Republish Names of Deleted Extensions Summary of the finding Security researchers at ReversingLabs reported a weakness in the Visual Studio Code (VS Code) Marketplace that permitted actors to reuse the names of extensions that had previously been removed. The discovery followed the identification of a malicious extension named “ahbanC.shiba”…
MathWorks breach: ransomware gang exfiltrated data on more than 10,000 people Overview of the incident MathWorks, the developer of MATLAB and Simulink, disclosed that a ransomware group breached its network in April and stole data relating to more than 10,000 people. The company reported the incident publicly after detecting the intrusion and the subsequent data…
Why Code-to-Cloud Mapping Is Becoming Essential for AppSec in 2025 The problem at a glance Picture this: developers push a change that looks harmless in a local environment but contains a subtle flaw that turns into a large-scale incident once deployed to cloud infrastructure. The vulnerability goes unnoticed until it is exploited, and the organization…
Storm-0501 Abuses Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Extortion Campaign Summary of the incident Recent reporting identifies a financially motivated threat actor tracked as Storm-0501 refining tactics to target hybrid cloud environments. The actor has been observed abusing Microsoft Entra ID (formerly Azure Active Directory) to gain access to Azure…
Cyberattack on Miljödata Disrupts Services Across More Than 200 Swedish Municipalities What happened An attack targeting Miljödata, an IT-systems supplier used by roughly 80% of Sweden’s municipalities, has caused accessibility problems in more than 200 municipal regions, according to reporting by BleepingComputer. The supplier’s systems support a wide range of municipal IT services; the incident…
Over 28,200 Citrix Instances Exposed to Actively Exploited RCE (CVE-2025-7775) Summary: What we know More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775, and evidence indicates the flaw is already being exploited in the wild. The scale and active exploitation elevate this from a routine patch cycle…
Let’s face it: we all use email, and we all use passwords. Passwords create an inherent vulnerability in the system. The success rate of phishing attacks is skyrocketing, and opportunities for attack have multiplied enormously as life has moved online. All it takes is one compromised password for all other users to fall victim to…
Remote Desktop Protocol (RDP) is a protocol, or technical standard, for using a desktop computer remotely. Remote desktop software can use several different protocols, including RDP, Independent Computing Architecture (ICA), and Virtual Network Computing (VNC), but RDP is the most widely used protocol. RDP was initially released by Microsoft and is available for most Windows…
With the support of the open-source community and a strict privilege system built into its architecture, Linux has security built into its design. That said, gone are the days when Linux system administrators could get away with poor security practices. Cybercriminals have come to view Linux as a viable attack target due to its growing…