Over the past several years, Docker Hub, a platform for hosting software repositories, has been targeted by three major fraudulent campaigns. Researchers from JFrog identified that approximately 20% of the 15 million hosted repositories...
Recently, Google announced significant efforts to enhance the security of its Play Store for Android. Last year, the company rejected or demanded corrections for approximately 200,000 applications that attempted to access users’ sensitive data,...
In a recent campaign involving the dissemination of the AgentTesla malware, as meticulously analyzed by experts at SonicWall, perpetrators employed VBA macros in Word documents to conduct a fileless injection attack, where the malicious...
Researchers from Sekoia have revealed alarming details about the malicious worm PlugX, which, having been abandoned by its creators many years ago, continues to autonomously spread and infect millions of computers worldwide. PlugX, believed...
The Lazarus Group, a notorious hacking collective traditionally associated with North Korea, utilized enticing job offers to deliver a new Remote Access Trojan (RAT) known as Kaolin RAT during attacks targeting individuals in Asia...
Researchers have uncovered a hacking campaign known as DEV#POPPER, targeting software developers. The perpetrators disguise themselves as employers and distribute fictitious job offers to IT specialists. Their true intent is to implant a dangerous...
In recent weeks, there has been an intensification of cyberattacks on Indian government bodies, initiated by groups linked to Pakistan. The analytical team at Seqrite Labs has identified several campaigns in which remote access...
ThreatFabric has identified a new malicious application named Brokewell, capable of recording every action on a device, from keystrokes to text input and application launches. The Trojan is distributed through a counterfeit Google Chrome...
North Korean hackers exploited the eScan antivirus update mechanism to embed backdoors into corporate networks and disseminate cryptocurrency miners using the malicious software, GuptiMiner. Cybersecurity firm Avast reports that the perpetrators conducted an adversary-in-the-middle...
According to a recent report by Cisco Talos, the CoralRaider group is utilizing CDN platforms to disseminate malware in the United States, the United Kingdom, Germany, and Japan. The campaign aims to pilfer credentials,...
On April 17, researchers at Zscaler exposed a malicious software distribution campaign targeting IT professionals. This operation employs deceptive advertising of popular network utilities to implant a new backdoor named MadMxShell. The campaign was...
Cybersecurity experts from Fortinet have identified a new malicious package in the PyPI registry for developers, aimed at stealing user data from Discord. The package, named “discordpy_bypass-1.7,” was published on March 10, 2024, and...
