NuGet, PyPi and npm inundated with malicious packages

In some cases, the threat actor's intent was to ultimately provide SIM-swapping services

These are some of the key findings from the latest Check Point Research Most Wanted report

The vulnerability could allow remote code execution (RCE) on a victim's device

Free OSV-Scanner searches transitive dependencies

FCA warns of pressure tactics as cost of living bites

Close to 50 CVEs addressed this month

No passwords were reportedly exposed, but Twitter prompted users to enable 2FA to protect accounts

At the time of writing, the California Budget website remains offline

Company information was stolen from third-party vendor Teqtivity and posted on a dark web forum

Researchers claim AI bot can write malware and craft phishing emails

Country bucks the global trend thanks to high-profile incidents

Apogee study finds just 14% consider it a priority

A total of roughly 100,000 people had their personal data stolen during the cyber-attack

The main downloader script and further payloads were hosted in different locations

Requested ransom payment demands ranged from $250,000 to over $2m

Endor Labs warns of dangerous complexities in open source

Report associates new intelligence-gathering tactic with Kimsuky group

Competition awards winning participants nearly $1m

The campaigns observed by Cisco Talos have resulted in the creation of two botnets