Specialists at ReversingLabs have uncovered a suspicious package within the NuGet package manager, ostensibly targeting developers who utilize tools from the Chinese company Bozhon Precision Industry Technology, which specializes in the production of industrial...
Apple users have encountered a cunning phishing scheme that exploits a vulnerability in the password reset function. Victims find their devices bombarded with such an overwhelming number of system notifications that the smartphone becomes...
On March 25th, the United Kingdom and the United States formally accused China of cyberattacks on democratic institutions, linking Chinese intelligence services to incidents at the Electoral Commission in 2021 and attempting to hack...
Cybercriminals are increasingly leveraging the new phishing platform Tycoon 2FA to compromise Microsoft 365 and Gmail accounts, circumventing two-factor authentication. This trend was identified by experts at Sekoia. Tycoon 2FA was discovered in October...
The popular service Top.gg, aiding users in finding servers and bots for Discord, suffered from a supply chain attack. Malefactors injected malicious code into Python packages used by bot developers, evidently aiming to steal...
The cybersecurity firm Proofpoint has uncovered a new phishing campaign orchestrated by the Iranian faction MuddyWater. This operation disseminates legitimate remote monitoring and management software, Atera, among Israeli organizations within the global manufacturing, technology,...
Mandiant specialists report that Chinese hackers, identified as UNC5174, are exploiting vulnerabilities in widely-used products to disseminate malicious software capable of installing additional backdoors on compromised Linux hosts. The attacks orchestrated by UNC5174 have...
The cybercrime collective known as UNC4210 orchestrated an assault on the digital infrastructure of a European non-governmental organization, deploying the malign software TinyTurla-NG to establish a backdoor. This cyberattack was meticulously documented in a...
In the context of an international operation led by Germany, the activity of the popular overseas illicit trading platform Nemesis was halted. Local police reported the seizure of the resource’s infrastructure and the shutdown...
U.S. authorities have expressed concerns regarding the actions of the Chinese hacking group Volt Typhoon, warning owners and operators of critical infrastructure about the necessity of defending against potential devastating cyber attacks. A new...
For not the first time, the popular Linux application store, Snap Store, operated by Canonical, has found itself harboring fraudulent cryptocurrency wallets masquerading as renowned brands. Previously, in February of this year, security researchers...
In Ukraine, authorities have apprehended three individuals suspected of hacking over 100 million emails and Instagram accounts worldwide. The culprits, aged between 20 and 40, employed specialized software to crack passwords through brute force...
In a recent report titled “The State of API Security in 2024” by Imperva, it was revealed that the majority of internet traffic, approximately 70%, is attributed to API calls. In 2023, an average...
The Biden administration has issued a stark warning regarding the risk of cyberattacks targeting the United States’ water supply systems, highlighting the continuous threats posed by hackers affiliated with the governments of Iran and...
Netskope Threat Labs has uncovered a new campaign leveraging Google Sites phishing pages to disseminate the info-stealer AZORult. This phishing endeavor is not yet attributed to any specific malefactor or group; it aims to...
The cybersecurity firm Securonix has uncovered a new campaign in which hackers employ sophisticated techniques to infiltrate Windows computers and exfiltrate confidential data. Named DEEP#GOSU, the campaign is believed to be linked to the...
