Attackers infected more than 140 packages from the Mastra AI ecosystem through npm. The malicious code ran right after npm install or npm update. So the infection could reach developer workstations and build servers,...
Attackers injected malicious JavaScript into Okendo Reviews, a product review widget used by more than 18,000 brands. The compromised script loaded on store pages. After a few checks, it could show visitors a fake...
Trust in a familiar sender keeps turning into a weak point. A new campaign against WhatsApp users builds on exactly that bet. The attackers send malicious files from already-hijacked accounts. They disguise the attachments...
At a Glance Field Detail Malware family Prinz Eugen (Go-based ransomware, .prinzeugen extension) Threat actor Prinz Eugen group; linked to the operator handle ROOTBOY (suspected) Victims At least five organizations, including Standard Bank Group...
Malware Family: AryStinger Threat Actor: Unknown (Suspected) Victims: Over 4,000 legacy D-Link routers and NAS systems Delivery Vector: Exploitation of older CVEs Key Capabilities: Traffic proxying, distributed scanning, DNS hijacking Source: XLab (Qianxin) Over...
GitHub has filled up with fake repositories. They disguise themselves as ordinary developer projects. In reality, they push Trojans through links to ZIP archives. A developer using the alias Orchid uncovered the large campaign....
Even conventional digital distribution ecosystems can morph into potent vectors for infection when user-generated content is capable of executing arbitrary code. Malicious actors have recently exploited the Steam Workshop to proliferate malware disguised as...
Development acceleration tools increasingly gain access to our most precious professional secrets. Malicious plugin creators for the JetBrains Marketplace deliberately exploited this profound zone of trust. Recently, a comprehensive report detailed how multiple JetBrains...
Cloud machine learning platforms often conceal complex infrastructures behind a few lines of code. Unfortunately, this convenient automation created a dangerous vulnerability within the Google Vertex AI SDK for Python. Specialists from Palo Alto...
Live wallpaper extensions may look like a harmless way to refresh a browser’s appearance, but researchers recently uncovered 152 potentially dangerous extensions lurking in the Chrome Web Store. Disguised as live wallpapers, these add-ons...
In the mercenary realm of commercial surveillance, judicial injunctions rarely deter those who have engineered lucrative empires upon human vulnerabilities. Recently, Meta disclosed audacious new attempts by the notorious NSO Group to compromise WhatsApp...
Occasionally, the simplest method to conceal malicious software relies not upon intricate camouflage, but rather upon excessive digital weight. GoFlateLoader utilizes this precise technique. It is a Golang loader designed to deliver infostealers like...
