Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2024/12/20 8:39 a.m.7 views

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/30 2:24 p.m.41 views

RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now...

10CVSS10AI score0.99999EPSS
Exploits457
The Hacker News
The Hacker News
added 2023/06/23 7:30 a.m.58 views

New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices

Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...

9.8CVSS9.9AI score0.69663EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/10/23 4:42 a.m.39 views

Popular NPM Package Hijacked to Publish Crypto-mining Malware

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining and password-stealing malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/04/30 12:12 p.m.38 views

Benefits of Building a Multi-prong Mousetrap for WAF Policies with ML

The reason behind buying a market-leading Web Application Firewall WAF is to protect your website and web applications from malicious attacks, plus complying with industry or regional data and privacy standards. In addition to the typical OWASP Top 10 vulnerabilities, WAFs need to address a litan...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/21 2:24 p.m.92 views

MrbMiner Crypto-Mining Malware Links to Iranian Software Company

A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server MSSQL databases has now been linked to a small software development company based in Iran. The attribution was made possible due to an operational security oversight, said researchers fro...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2019/09/17 8:9 a.m.720 views

Cryptocurrency miners aren’t dead yet: Documenting the voracious but simple “Panda”

By Christopher Evans and David Liebenberg. Executive summary A new threat actor named "Panda" has generated thousands of dollars worth of the Monero cryptocurrency through the use of remote access tools RATs and illicit cryptocurrency-mining malware. This is far from the most sophisticated actor...

10CVSS9.8AI score0.99999EPSS
Exploits118
Carbon Black Blog
Carbon Black Blog
added 2019/02/01 3:45 p.m.137 views

TAU Threat Intelligence Notification: Shade Ransomware

Summary Recently there is a new wave of malicious spam campaign distributing Shade ransomware via sending malicious JavaScript attachments. The spam campaign was mainly targeting users from Russia, and the ransom note was written in both Russian and English. This variant of Shade ransomware will...

6.6AI score
Exploits0
Rows per page
Query Builder