downloads
-
PyPI Repository Makes 2FA Security Mandatory for Critical Python Projects
The maintainers of the official third-party software repository for Python have begun imposing a new two-factor authentication (2FA) condition for…
Read More » -
Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware
A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within…
Read More » -
A Microsoft Office 365 Feature Could Help Ransomware Hackers Hold Cloud Files Hostage
A “dangerous piece of functionality” has been discovered in Microsoft 365 suite that could be potentially abused by a malicious…
Read More » -
Patch Tuesday: Microsoft Issues Fix for Actively Exploited ‘Follina’ Vulnerability
Microsoft finally released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch…
Read More » -
Researchers Warn of Unpatched “DogWalk” Microsoft Windows Vulnerability
An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool…
Read More » -
10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users
10 of the most prolific mobile banking trojans have set their eyes on 639 financial applications that are available on…
Read More » -
SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities
The threat actor known as SideWinder has added a new custom tool to its arsenal of malware that’s being used…
Read More » -
Hackers Increasingly Using Browser Automation Frameworks for Malicious Activities
Cybersecurity researchers are calling attention to a free-to-use browser automation framework that’s being increasingly used by threat actors as part…
Read More » -
Researchers Uncover Rust Supply-Chain Attack Targeting Cloud CI Pipelines
A case of software supply chain attack has been observed in the Rust programming language’s crate registry that leveraged typosquatting…
Read More » -
Heroku Forces User Password Resets Following GitHub OAuth Token Theft
Salesforce-owned subsidiary Heroku on Thursday acknowledged that the theft of GitHub integration OAuth tokens further involved unauthorized access to an…
Read More »