451 PyPI packages install Chrome extensions to steal crypto
Over 450 malicious PyPI python packages were found installing malicious browser extensions to hijack cryptocurrency transactions made through browser-based crypto...
News
New ‘MortalKombat’ ransomware targets systems in the U.S.
Hackers conducting a new financially motivated campaign are using a variant of the Xortist commodity ransomware named 'MortalKombat,' together with...
Apple fixes new WebKit zero-day exploited to hack iPhones, Macs
Apple has released emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and...
New stealthy ‘Beep’ malware focuses heavily on evading detection
A new stealthy malware named 'Beep' was discovered last week, featuring many features to evade analysis and detection by security...
Microsoft: Exchange Server 2013 reaches end of support in April
Microsoft has reminded admins that Exchange Server 2013 is reaching its extended end-of-support (EOS) date in 60 days, on April...
NPM packages posing as speed testers install crypto miners instead
A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers...
RedEyes hackers use new malware to steal data from Windows, phones
The APT37 threat group uses a new evasive 'M2RAT' malware and steganography to target individuals for intelligence collection. APT37, also...
Healthcare giant CHS reports first data breach in GoAnywhere hacks
Community Health Systems (CHS) says it was impacted by a recent wave of attacks targeting a zero-day vulnerability in Fortra’s...
Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
Google announced on Tuesday that it's officially rolling out Privacy Sandbox on Android in beta to eligible mobile devices running...
Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities
Microsoft on Tuesday released security updates to address 75 flaws spanning its product portfolio, three of which have come under...
A CISOs Practical Guide to Storage and Backup Ransomware Resiliency
One thing is clear. The "business value" of data continues to grow, making it an organization's primary piece of intellectual...
Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad
Microsoft on Monday attributed a China-based cyber espionage actor to a set of attacks targeting diplomatic entities in South America....
Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!
Malicious actors have published more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an...
Massive AdSense Fraud Campaign Uncovered – 10,000+ WordPress Sites Infected
The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70...
US-CERT Bulletin (SB23-045):Vulnerability Summary for the Week of February 6, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs...
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog,...
Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users
Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities...
Hackers Targeting U.S. and German Firms Monitor Victims’ Desktops with Screenshotter
A previously unknown threat actor has been targeting companies in the U.S. and Germany with bespoke malware designed to...
Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players’ Systems
An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena (MOBA) video game...
Chinese Tonto Team Hackers’ Second Attempt to Target Cybersecurity Firm Group-IB Fails
The advanced persistent threat (APT) actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB...
Patch Now: Apple’s iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw
Apple on Monday rolled out security updates for iOS, iPadOS, macOS, and Safari to address a zero-day flaw that it...
Honeypot-Factory: The Use of Deception in ICS/OT Environments
There have been a number of reports of attacks on industrial control systems (ICS) in the past few years. Looking...
Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second
Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over...
