Addressing a surge in package registry attacks, GitHub is strengthening npm’s security with stricter authentication, granular tokens, and enhanced trusted publishing to restore trust in the open source ecosystem. Open source software is the bedrock of the modern software industry. Its collaborative nature and vast ecosystem empower developers worldwide, driving […]

# The Phantom Extension: Backdooring chrome through uncharted pathways The increasing hardening of traditional Windows components such as LSASS has pushed attackers to explore alternative entry points. Among these, web browsers have emerged as highly valuable targets since they are now the primary gateway to sensitive data and enterprise cloud […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

Since early 2025, Check Point Research (CPR) has tracked waves of Nimbus Manticore activity. Known as **UNC1549 or Smoke** **Sandstorm,** Nimbus Manticore is a mature Iran-nexus APT group that primarily targets aerospace and defense organizations in the Middle East and Europe. Some of its operations were also previously described as the _Iranian DreamJob_ campaign. […]

**security-research** Public # Entrust nShield Connect XC – Multiple Vulnerabilities Leading to Insecure Boot Chain Protections ## Package ## Affected versions ## Patched versions ## Description ### Summary The tested nShield Connect XC HSM appliance (software version 13.6.3) can be rooted and backdoored via physical attack vectors in less than […]

# Exploring GrapheneOS secure allocator: Hardened Malloc GrapheneOS is a mobile operating system based on Android and focusing on privacy and security. To enhance further the security of their product, GrapheneOS developpers introduced a new libc allocator : **hardened malloc.** This allocator has a security-focused design in mind to protect […]

Researcher **Published:** 17 September 2025 at 12:40 UTC **Updated:** 17 September 2025 at 13:01 UTC Many testers and tools give up the moment a protocol upgrade to WebSocket occurs, or only perform shallow analysis. This is a huge blind spot, leaving many bugs like Broken Access Controls, Race conditions, and […]

**Research by:** Antonis Terefos ( **@Tera0017**) The **Pure malware family** is a suite of malicious tools developed and sold by the author known as **PureCoder**. This suite includes **PureHVNC RAT** (a remote administration tool and predecessor to **PureRAT**), **PureCrypter** (a malware obfuscator), **PureLogs** (a stealer/logger), and several other tools. The malicious software is advertised and distributed through underground forums, Telegram channels, […]

# Dissecting DCOM part 1 This is the first article on the “Dissecting DCOM” series. This article aims at giving an introduction to the base principles of COM and DCOM protocols as well as a detailed network analysis of DCOM. No previous knowledge is required. The following articles will dig […]

Check Point Research discovered a new ransomware group on September 5. The group calls themselves Yurei (a sort of spirit in Japanese folklore), and initially listed one victim, a Sri Lankan food manufacturing company, on their darknet blog. These blogs are used by ransomware groups to list their victims, show […]