Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...

Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys

Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello.
WeLiveSecurity

Sednit reloaded: Back in the trenches

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.
Security Boulevard

Post-Quantum Cryptographic Agility in MCP Resource Governance

Learn how to secure Model Context Protocol (mcp) deployments with post-quantum cryptographic agility and granular resource governance to prevent quantum threats.