malicious
-
Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers
A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion. According…
Read More » -
Researchers Uncover Backdoor in Solana’s Popular Web3.js npm Library
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two…
Read More » -
8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play
Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million…
Read More » -
Wanted Russian Cybercriminal Linked to Hive and LockBit Ransomware Has Been Arrested
A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law…
Read More » -
Phishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks
Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA with an aim to…
Read More » -
XMLRPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner
Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm…
Read More » -
Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware
A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting…
Read More » -
INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled
An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089…
Read More » -
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install…
Read More » -
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included…
Read More »