Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
What's new: The threat actor known as UNC1151 (also referred to as Ghostwriter) has launched a phishing campaign targeting Ukrainian...
Information Security
NSAuditor AI EE 0.6.0 Milestone — NEW Plugin 1160 AWS VPC Endpoints / PrivateLink Auditor Opens v0.6.x Line With Plugin-Breadth Expansion (Plugin Count 20 → 21)
What's new: Nsasoft US LLC has shipped NSAuditor AI Enterprise Edition 0.6.0 — the minor-version milestone bump opening the v0.6.x...
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
What's new: A critical vulnerability, CVE-2026-42945, has been identified in NGINX's rewrite module, allowing unauthenticated remote code execution (RCE). This...
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
What's new: Three malicious versions of the Node-IPC package (versions 11.10.2, 11.10.3, and 11.10.4) have been identified, containing a stealer...
NSAuditor AI EE 0.5.4 Closes the v0.5.x Line — Cross-Plugin Thread H §7.5 (KMS-Promoter Map-Form Signature Hardening) + §8 (Operator-Config DoS Caps); Clean Reviewer Pass
What's new: Nsasoft US LLC has shipped NSAuditor AI Enterprise Edition 0.5.4 — the final v0.5.x close-out cycle and the...
