javascript
-
Binance’s Smart Chain Exploited in New ‘EtherHiding’ Malware Campaign
Threat actors have been observed serving malicious code by utilizing Binance’s Smart Chain (BSC) contracts in what has been described…
Read More » -
New Magecart Campaign Alters 404 Error Pages to Steal Shoppers’ Credit Cards
A sophisticated Magecart campaign has been observed manipulating websites’ default 404 error page to conceal malicious code in what’s been…
Read More » -
libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks
A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to…
Read More » -
Supermicro’s BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities
Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs)…
Read More » -
Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities
Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a…
Read More » -
Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers
Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data…
Read More » -
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server
Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc…
Read More » -
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an…
Read More »