Npav Lab

Learn about the ransomware attack on Sensata Technologies, a leading industrial tech firm. Discover how the breach impacted operations, compromised customer data, and the company's response, including credit monitoring for affected individuals.

Learn about a critical vulnerability in Google's account recovery system that allowed attackers to access any user's phone number through a brute-force attack, highlighting the importance of security audits for legacy systems.

Discover how two separate botnets exploit the critical Wazuh Server vulnerability (CVE-2025-24016) to launch Mirai-based DDoS attacks, targeting IoT devices and highlighting the urgency of cybersecurity measures.

Cybersecurity experts reveal a significant supply chain attack affecting npm and PyPI ecosystems, compromising numerous packages and exposing millions of users to malware. Learn about the affected packages and how to protect yourself.

Business Email Compromise (BEC) attacks are stealthy, effective, and devastating. With no malware involved, these attacks bypass traditional security filters, trick employees, and siphon sensitive data or funds. But with real-time visibility through interactive sandboxing and endpoint protection like Net Protector, businesses can stay one step ahead.

Quick commerce startup KiranaPro suffers a devastating cyberattack, resulting in deletion of app code and exposure of sensitive user data via AWS and GitHub breach. KiranaPro, the voice-enabled AI-powered grocery delivery platform, has fallen victim to a severe cyberattack that wiped out its application code and compromised personal user data. The breach has halted order processing on the platform, exposing glaring vulnerabilities in cloud security and account access control.

Luxury under threat: Cartier, the prestigious fashion house, has revealed a data breach following a cyberattack that compromised personal customer data. The breach is part of a broader wave of cyber threats hitting global fashion brands, raising concerns about how high-end retail is being exploited for customer data.

Google’s trusted scripting platform is the latest weapon in phishing arsenals, helping attackers craft convincing credential-stealing campaigns that evade traditional email filters. Cybercriminals are leveraging Google Apps Script, a legitimate tool in Google’s Workspace suite, to host phishing pages that appear trustworthy to both users and security systems. According to research by Cofense, attackers are disguising these pages as authentic login portals to trick users into submitting their credentials — all while operating under the umbrella of a trusted Google domain.