Ongoing supply chain attack targets Python developers with WASP Stealer
A threat actor tracked as WASP is behind an ongoing supply chain attack targeting Python developers with the WASP Stealer....
A threat actor tracked as WASP is behind an ongoing supply chain attack targeting Python developers with the WASP Stealer....
A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers...
Public schools in two Michigan counties were forced to halt their activities, including the lessons, after a ransomware attack. ...
Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022,...
nuvola (with the lowercase n) is a tool to dump and perform automatic and manual security analysis on AWS environments...
A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last...
Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. According...
Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered...
North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe...
Fortinet researchers discovered new samples of RapperBot used to build a botnet to launch Distributed DDoS attacks against game servers....
TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous...
Google announced it will roll out the Privacy Sandbox system for Android in beta to a limited number of Android...
Happy BirthDay Security Affairs! Eleven years together! I launched Security Affairs for passion in November 2011 and since then the...
Researchers discovered a critical vulnerability impacting Spotify’s Backstage Software Catalog and Developer Platform. Researchers from the security firm Oxeye discovered...
Researchers disclosed technical details of critical SQLi and access vulnerabilities in the Zendesk Explore Service. Cybersecurity researchers at Varonis disclosed...
A suspected China-linked APT group breached a digital certificate authority in Asia as part of a campaign aimed at government...
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular...
Google is going to pay $391.5 million to settle with 40 states in the U.S. for secretly collecting personal location...
Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. Early this...
Cyber espionage group Worok abuses Dropbox API to exfiltrate data via using a backdoor hidden in apparently innocuous image files. Researchers...
Experts warn of a malicious SEO campaign that has compromised over 15,000 WordPress websites to redirect visitors to fake Q&A portals....
Researchers spotted a new evasive malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak credentials....
Download Unblob If you like the site, please consider joining the telegram channel or supporting us on Patreon using the...
Russian threat actors employed a new ransomware family called Somnia in attacks against multiple organizations in Ukraine. The Government Computer...