Juha Saarinen

Juha Saarinen has been covering the technology sector since the mid-1990s for publications around the world. In addition to techpartner.news, he has written for iTnews since 2010 and also contributes to the New Zealand Herald, the Guardian and Wired's Threat Level section.

He is based in Auckland, New Zealand.

Recent articles by Juha Saarinen

Google Workspace adds AI ransomware detection and sync pausing for Drive

Google Workspace adds AI ransomware detection and sync pausing for Drive

Will not stop and remove ransomware locally, however.
Juha Saarinen Oct 1 2025 7:01AM Security
First malicious MCP server for AI found

First malicious MCP server for AI found

Simple code change created email harvester.
Juha Saarinen Sep 30 2025 10:36AM Security
GitHub acts on npm security after Shai-Hulud worm attack

GitHub acts on npm security after Shai-Hulud worm attack

Enhanced trusted publishing to limit ongoing supply chain attacks.
Juha Saarinen Sep 29 2025 2:34PM Security
Stealthy, persistent "BRICKSTORM" spying backdoor found in network infrastructure

Stealthy, persistent "BRICKSTORM" spying backdoor found in network infrastructure

Range of industry verticals targeted by patient threat actors.
Juha Saarinen Sep 25 2025 5:33PM Security
Researchers uncover polished ShadowV2 DDoS-as-a-service cloud botnet

Researchers uncover polished ShadowV2 DDoS-as-a-service cloud botnet

Indicates professional cloud development experience.
Juha Saarinen Sep 24 2025 10:22AM Security
US Secret Service seizes New York City SIM farm near UN

US Secret Service seizes New York City SIM farm near UN

Nation-state threat actors may be involved.
Juha Saarinen Sep 24 2025 9:15AM Security
Google's revised AI safety framework adds manipulation protection

Google's revised AI safety framework adds manipulation protection

Version 3.0 of Frontier Safety Framework released.
Juha Saarinen Sep 23 2025 2:09PM Security
Alleged Scattered Spider hacker surrenders to US police

Alleged Scattered Spider hacker surrenders to US police

Following arrests of other alleged group members in the UK.
Juha Saarinen Sep 23 2025 10:37AM Security
Actor auth tokens gave Global Admin access across Azure Entra ID tenants

Actor auth tokens gave Global Admin access across Azure Entra ID tenants

Legacy authentication bypassed modern security controls and logging.
Juha Saarinen Sep 18 2025 1:24PM Security
FileFix attack tricks users into running image-borne malware

FileFix attack tricks users into running image-borne malware

New phishing menace exploiting users being helpful.
Juha Saarinen Sep 18 2025 5:57AM Security
Microsoft outs Nigerian as RaccoonO365 PhaaS boss

Microsoft outs Nigerian as RaccoonO365 PhaaS boss

OpSec flub unmasked criminals.
Juha Saarinen Sep 17 2025 10:47AM Security
First npm worm "Shai-Hulud" released in supply chain attack

First npm worm "Shai-Hulud" released in supply chain attack

Related to recent s1ngularity compromise.
Juha Saarinen Sep 17 2025 10:20AM Security
AFP nabs alleged smisher targeting mobile phone customers

AFP nabs alleged smisher targeting mobile phone customers

Unknown amount of personal information harvested.
Juha Saarinen Sep 15 2025 5:13PM Security
Security firm strikes telemetry jackpot as cybercrim self-monitors

Security firm strikes telemetry jackpot as cybercrim self-monitors

Gleans unique information on modus operandi and tools.
Juha Saarinen Sep 12 2025 2:05PM Security
"VoidProxy" PhishKit targets Google and Microsoft users

"VoidProxy" PhishKit targets Google and Microsoft users

Can bypass common multi-factor authentication.
Juha Saarinen Sep 12 2025 12:02PM Security
Apple adds "mercenary spyware" protection to new A19 chip

Apple adds "mercenary spyware" protection to new A19 chip

New hardware defence integrated with operating system safety features.
Juha Saarinen Sep 11 2025 6:54AM Security
Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise

Developers targeted in new hacking campaign.
Juha Saarinen Sep 9 2025 12:54PM Security
Most pandemic-era ransomware raids conducted by two gangs

Most pandemic-era ransomware raids conducted by two gangs

Criminals evolve into professional as-a-service operators.
Juha Saarinen Sep 9 2025 12:33PM Security
Salesloft hacked via GitHub and AWS in March, Mandiant finds

Salesloft hacked via GitHub and AWS in March, Mandiant finds

Incident root cause clarified.
Juha Saarinen Sep 8 2025 6:57PM Security
Cert authority issued multiple rogue TLS credentials for Cloudflare DNS

Cert authority issued multiple rogue TLS credentials for Cloudflare DNS

Internal testing brought on external failures.
Juha Saarinen Sep 5 2025 6:45PM Security

Log In

  |  Forgot your password?