Ongoing supply chain attack targets Python developers with WASP Stealer
A threat actor tracked as WASP is behind an ongoing supply chain attack targeting Python developers with the WASP Stealer....
hacking
China-based Fangxiao group behind a long-running phishing campaign
A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers...
Two public schools in Michigan hit by a ransomware attack
Public schools in two Michigan counties were forced to halt their activities, including the lessons, after a ransomware attack. ...
Magento and Adobe Commerce websites under attack
Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022,...
nuvola – Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services
nuvola (with the lowercase n) is a tool to dump and perform automatic and manual security analysis on AWS environments...
Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police
A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last...
Iran-linked threat actors compromise US Federal Network
Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. According...
F5 fixed 2 high-severity Remote Code Execution bugs in its products
Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered...
Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs
North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe...
New RapperBot Campaign targets game servers with DDoS attacks
Fortinet researchers discovered new samples of RapperBot used to build a botnet to launch Distributed DDoS attacks against game servers....
TripleCross – A Linux eBPF Rootkit With A Backdoor, C2, Library Injection, Execution Hijacking, Persistence And Stealth Capabilities.
TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous...
Beginning 2023 Google plans to rollout the initial Privacy Sandbox Beta
Google announced it will roll out the Privacy Sandbox system for Android in beta to a limited number of Android...
Happy birthday Security Affairs … 11 years together!
Happy BirthDay Security Affairs! Eleven years together! I launched Security Affairs for passion in November 2011 and since then the...
Experts found critical RCE in Spotify’s Backstage
Researchers discovered a critical vulnerability impacting Spotify’s Backstage Software Catalog and Developer Platform. Researchers from the security firm Oxeye discovered...
Experts revealed details of critical SQLi and access issues in Zendesk Explore
Researchers disclosed technical details of critical SQLi and access vulnerabilities in the Zendesk Explore Service. Cybersecurity researchers at Varonis disclosed...
China-linked APT Billbug breached a certificate authority in Asia
A suspected China-linked APT group breached a digital certificate authority in Asia as part of a campaign aimed at government...
Dismember – Scan Memory For Secrets And More
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular...
Google to Pay a record $391M fine for misleading users about the collection of location data
Google is going to pay $391.5 million to settle with 40 states in the U.S. for secretly collecting personal location...
Previously undetected Earth Longzhi APT group is a subgroup of APT41
Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. Early this...
Avast details Worok espionage group’s compromise chain
Cyber espionage group Worok abuses Dropbox API to exfiltrate data via using a backdoor hidden in apparently innocuous image files. Researchers...
Massive Black hat SEO campaign used +15K WordPress sites
Experts warn of a malicious SEO campaign that has compromised over 15,000 WordPress websites to redirect visitors to fake Q&A portals....
KmsdBot, a new evasive bot for cryptomining activity and DDoS attacks
Researchers spotted a new evasive malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak credentials....
Unblob – Extract Files From Any Kind Of Container Formats
Download Unblob If you like the site, please consider joining the telegram channel or supporting us on Patreon using the...
CERT-UA warns of multiple Somnia ransomware attacks against organizations in Ukraine
Russian threat actors employed a new ransomware family called Somnia in attacks against multiple organizations in Ukraine. The Government Computer...
