information security

Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub

?Jan 23, 2024?NewsroomSoftware Security / Supply Chain Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted SSH keys stolen from developer systems on which they were…

MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets

?Jan 23, 2024?NewsroomMalware / Cryptocurrency Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency wallet data. Kaspersky, which identified the artifacts in…

Gcore Radar Warns of a New Era of DDoS Attacks

?Jan 23, 2024?The Hacker NewsCybersecurity / Server Security As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore’s…

BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time

?Jan 23, 2024?NewsroomCyber Crime / Dark Web Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went…

Critical Confluence RCE Under Active Exploitation

?Jan 23, 2024?NewsroomVulnerability / Cyber Attack Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure. Tracked as…

Apple Issues Patch for Critical Zero-Day in iPhones, Macs

?Jan 23, 2024?NewsroomVulnerability / Device Security Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild.…

North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor

?Jan 22, 2024?NewsroomCyber Attack / Hacking Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December…

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries

Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. “Access to projects can be hijacked through…

NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers

?Jan 22, 2024?NewsroomBrowser Security / Cyber Threat Cybersecurity researchers have discovered a new Java-based “sophisticated” information stealer that uses a Discord bot to exfiltrate sensitive data from compromised hosts. The malware, named NS-STEALER, is propagated…

52% of Serious Vulnerabilities We Find are Related to Windows 10

We analyzed 2,5 million vulnerabilities we discovered in our customer’s assets. This is what we found. Digging into the data The dataset we analyze here is representative of a subset of clients that subscribe to…

« Previous
1
…
158
159
160
161
162
…
166
Next »