MAL-2025-172494 Malicious code in namei-mla-anu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e5d08200ff8924a5da1b46728de88ef772a9bdf1b45c8d2f89d7991987cc8bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

International Authorities Take Down Flubot Malware Network

International law enforcement has taken down the infrastructure behind Flubot, a nasty piece of malware which had been spreading with unprecedented speed across Android devices globally since December 2020. Europol revealed Wednesday that a collaboration between law enforcement in 11 countries le...

Two New Account Frauds You Should Be Investigating

Account Takeover is a type of identity theft where a bad actor gains unauthorized access to an account belonging to someone else. Also known as brute force login, dictionary attack, credential stuffing, or credential cracking. If successful, the aftermath entails many unpleasant implications for...

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

Cybercriminals are tapping into Amazon’s annual discount shopping campaign for subscribers, Prime Day, with researchers warning of a recent spike in phishing and malicious websites that are fraudulently using the Amazon brand. There has been a spike in the number of new monthly phishing and...

Quarantyne - Modern Web Firewall: Stop Account Takeovers, Weak Passwords, Cloud IPs, DoS Attacks, Disposable Emails

Automated web security made simple Quarantyne is a reverse-proxy that protects web applications and APIs from fraudulent behavior, misuse, bots and cyber-attacks in real-time. Requirements Java 8 Presentation Quarantyne is a reverse-proxy written in java. It fronts a web application or API and...

Using Gmail "Dot Addresses" to Commit Fraud

In Gmail addresses, the dots don't matter. The account "[email protected]" maps to the exact same address as "[email protected]" and "[email protected]" -- and so on. Note: I own none of those addresses, if they are actually valid. This fact can be used to commit fraud:...