python
-
Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. “Unlike other rootkit malware…
Read More » -
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate…
Read More » -
New NodeStealer Targeting Facebook Business Accounts and Crypto Wallets
Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that’s equipped to fully take over Facebook business…
Read More » -
New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads
A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools…
Read More » -
Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway
Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway that it said…
Read More » -
Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens
Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to…
Read More » -
Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner,…
Read More » -
Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware
The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could…
Read More » -
DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors
The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism…
Read More » -
From MuddyC3 to PhonyC2: Iran’s MuddyWater Evolves with a New Cyber Weapon
The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control (C2) framework called PhonyC2 that’s been…
Read More »