News - The Marron Group

India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud

India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud

Surveillance / National Security India's telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 [...]

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

Hacktivism / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence [...]

Londoners told to be vigilant with messages after cyber-attack on council

Londoners told to be vigilant with messages after cyber-attack on council

A London council has urged thousands of residents to be “extra vigilant” when receiving calls, emails or text messages after confirming that data had been taken in a cyber-attack.The [...]

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Malware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index [...]

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

Supply Chain Attack / Malware The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry with 197 more malicious packages since last [...]

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

Malware / Social Engineering The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with [...]

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research [...]

London councils enact emergency plans after three hit by cyber-attack

London councils enact emergency plans after three hit by cyber-attack

Three London councils have reported a cyber-attack, prompting the rollout of emergency plans and the involvement of the National Crime Agency (NCA) as they investigate whether any data has [...]

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

Data Exposure / Cloud Security New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and credentials into online tools [...]

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

Vulnerability / Container Security Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud [...]

Contact Us