Dark Reading

Real-Time Banking Trojan Strikes Brazil's Pix Users

The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect moment to strike.

ECB reveals Appia roadmap for central bank money in Europe’s tokenized markets

The Eurosystem, led by the ECB, has published its Appia roadmap to build Europe’s tokenized financial ecosystem and launch the Pontes DLT platform.
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days using 5 attack techniques. Bot achieved RCE in 5 of 7 targets, stole GitHub ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
Nasdaq

Nasdaq Verafin 2024 Global Financial Crime Report

This report brings together expert research and data, industry perspectives, and the voices of survivors, providing a unique view into the scope and impact of financial crime – and the scale of ...