top of page


Enterprise Security Tech
A cybersecurity resource for CxOs
Search


Malicious AI Coding Plugins Hit JetBrains Marketplace, Stealing API Keys From Developers
A coordinated malware campaign on the JetBrains Marketplace is turning trusted developer tools into a credential theft pipeline, according to new research from Aikido Security. Researchers identified 15 malicious JetBrains plugins posing as AI coding assistants for DeepSeek and other large language models. The plugins advertise common developer features such as chat, code review, commit message generation, bug detection, and unit test creation. The catch: when users enter an
Jun 17


DragonForce Ransomware Is Hiding in Microsoft Teams Traffic
A DragonForce ransomware attack has exposed a new problem for enterprise defenders: attackers are no longer just hiding behind disposable servers and shady domains. They are increasingly blending into the trusted cloud services companies rely on every day. Broadcom’s Symantec and Carbon Black threat hunters say they found a new Go-based backdoor, tracked as Backdoor.Turn, during an investigation into an attack on a U.S. services company. The malware is notable because it rout
Jun 17


Kodak Breach Adds to ShinyHunters’ Growing Data Extortion Wave
Eastman Kodak has confirmed it is investigating a data breach after the ShinyHunters extortion group claimed it stole more than 2.2 million records containing customer personally identifiable information and internal corporate data. Kodak said an unauthorized third party briefly accessed a limited amount of company data and that outside cybersecurity experts are helping determine what was accessed and copied. The company said it is working with law enforcement and does not be
Jun 17


Atomic Arch Supply Chain Attack Hits Arch Linux AUR With 1,500 Malicious Packages
A large-scale Linux supply chain attack has hit the Arch User Repository, exposing how quickly community package ecosystems can be turned into malware delivery networks when trust, automation and abandoned projects collide. The campaign, now tracked by researchers as Atomic Arch, began last week and had pushed more than 1,500 malicious packages into AUR by June 11. AUR is the community-maintained software hub used by Arch Linux users to share PKGBUILD scripts for software tha
Jun 16


GreatXML Windows Zero-Day Turns Defender Offline Scan Into a BitLocker Backdoor
The post-compromise technique abuses Windows Recovery Environment to create persistent access to BitLocker-encrypted data, with no patch currently available. According to the Cyderes Howler Cell team, a newly disclosed Windows zero-day called GreatXML can turn Microsoft Defender’s offline scanning process into a pathway for accessing BitLocker-encrypted data without a recovery key or user credentials. The technique targets the interaction between Windows Recovery Environment,
Jun 11


Kali365 Phishing Platform Turns Microsoft Logins Into an AI-Powered Fraud Pipeline
The phishing-as-a-service operation uses Microsoft device codes, stolen authentication tokens and AI-generated business email compromise messages to help attackers bypass traditional account defenses. A newly analyzed phishing platform known as Kali365 is giving cybercriminals an unusually complete toolkit for compromising Microsoft 365 accounts and converting stolen access into financial fraud. Huntress researchers uncovered the operation after detecting a spike in device co
Jun 11
bottom of page