Lucene search
K

31 matches found

OSSF Malicious Packages
OSSF Malicious Packages
•added 2025/11/11 8:11 p.m.•2 views

Malicious code in nina-mangga15-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3f9d51e480718159b77c89fe1af57bedeb4edf259025032f1bd769830a80c4d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
•added 2024/11/08 12:23 p.m.•40 views

IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools

High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called...

7.8CVSS9.3AI score0.99374EPSS
Exploits62
The Hacker News
The Hacker News
•added 2024/07/10 5:35 a.m.•19 views

ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks

The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. "A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime CLR to dynamically load and run PowerShell commands, thereby creating a PowerShell...

7.6AI score
Exploits0
Securelist
Securelist
•added 2023/11/06 10:0 a.m.•35 views

Gaming-related cyberthreats in 2023: Minecrafters targeted the most

Introduction and trends The gaming industry continues growing. The Newzoo report for 2023 reveals that two in five — more than three billion — across the globe are gamers, which is 6.3 percent more than last year. Globally, gaming revenue amounts to an estimated US$242.39 billion, with almost hal...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
•added 2023/10/13 12:15 p.m.•17 views

Explained: Quishing

Quishing is phishing using QR Quick Response codes. QR codes are basically two-dimensional barcodes that hold encoded data, and they can be used to work as a link. Point your phone's camera at a QR code and it will ask you if you want to visit the link. The use of QR codes in malicious campaigns ...

7AI score
Exploits0
Malwarebytes
Malwarebytes
•added 2023/08/21 8:45 p.m.•19 views

QR codes used to phish for Microsoft credentials

Researchers have published details about a phishing campaign that uses QR codes to phish for Microsoft credentials. A QR Quick Response code is a kind of two-dimensional barcode that holds encoded data in a graphical black-and-white pattern. The data that a QR code stores can include URLs, email...

7.2AI score
Exploits0
Talos Blog
Talos Blog
•added 2023/08/07 12:0 p.m.•17 views

Code leaks are causing an influx of new ransomware actors

Ransomware gangs are consistently rebranding or merging with other groups, as highlighted in our 2022 Year in Review, or these actors work for multiple ransomware-as-a-service RaaS outfits at a time, and new groups are always emerging. This trend is already continuing this year. Since 2021, there...

7.2AI score
Exploits0
Talos Blog
Talos Blog
•added 2023/07/20 6:0 p.m.•36 views

The federal government’s cybersecurity policies are falling into place just in time to be stalled again

Welcome to this weeks edition of the Threat Source newsletter. Last week, the Biden administration released its formal roadmap for its national cybersecurity initiative meant to encourage greater investment in cybersecurity and strengthen the U.S.s critical infrastructure security and more. The...

6.8CVSS7.8AI score0.18185EPSS
Exploits0
The Hacker News
The Hacker News
•added 2022/11/02 9:39 a.m.•43 views

Experts Warn of SandStrike Android Spyware Infecting Devices via Malicious VPN App

A previously undocumented Android spyware campaign has been found striking Persian-speaking individuals by masquerading as a seemingly harmless VPN application. Russian cybersecurity firm Kaspersky is tracking the campaign under the moniker SandStrike. It has not been attributed to any particular...

1.4AI score
Exploits0
The Hacker News
The Hacker News
•added 2022/04/12 3:37 a.m.•44 views

Over 16,500 Sites Hacked to Distribute Malware via Web Redirect Service

A new traffic direction system TDS called Parrot has been spotted leveraging tens of thousands of compromised websites to launch further malicious campaigns. "The TDS has infected various web servers hosting more than 16,500 websites, ranging from adult content sites, personal websites, universit...

0.7AI score
Exploits0
Talos Blog
Talos Blog
•added 2022/03/16 6:25 a.m.•16 views

Preparing for denial-of-service attacks with Talos Incident Response

By Yuri Kramarz. Over the years, several extorsion-style and politically motivated denial-of-service attacks increased and still pose a threat to businesses and organizations of any size that can find themselves in the crosshairs of various malicious campaigns. A detailed... This is only the...

3.5AI score
Exploits0
The Hacker News
The Hacker News
•added 2022/01/12 1:9 p.m.•23 views

Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware

Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans RATs such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. The spear-phishing attacks, whi...

7.1AI score
Exploits0
The Hacker News
The Hacker News
•added 2021/12/08 6:33 a.m.•51 views

Warning: Yet Another Bitcoin Mining Malware Targeting QNAP NAS Devices

Network-attached storage NAS appliance maker QNAP on Tuesday released a new advisory warning of a cryptocurrency mining malware targeting its devices, urging customers to take preventive steps with immediate effect. "A bitcoin miner has been reported to target QNAP NAS. Once a NAS is infected, CP...

9.8CVSS0.7AI score0.03042EPSS
Exploits0
The Hacker News
The Hacker News
•added 2021/08/05 10:12 a.m.•47 views

A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service

Multiple cybercriminal groups are leveraging a malware-as-a-service MaaS solution to carry out a wide range of malicious software distribution campaigns that result in the deployment of payloads such as Campo Loader, Hancitor, IcedID, QBot, Buer Loader, and SocGholish against individuals in Belgi...

0.2AI score
Exploits0
Krebs on Security
Krebs on Security
•added 2020/09/24 5:0 p.m.•131 views

Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsofts warning comes just days after the U.S. Department of Homeland...

9.3CVSS1.2AI score0.99512EPSS
Exploits75
ThreatPost
ThreatPost
•added 2020/03/17 12:16 p.m.•11 views

Activities of a Nigerian Cybercriminal Uncovered

Ever wonder who’s behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they’re enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
•added 2020/03/17 12:16 p.m.•59 views

Activities of a Nigerian Cybercriminal Uncovered

Ever wonder who’s behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they’re enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of...

7.3AI score
Exploits0References7
ThreatPost
ThreatPost
•added 2019/12/04 6:32 p.m.•55 views

‘Highly Competitive' Buer Loader Emerges in Underground Markets

A previously undocumented modular loader has emerged as a lucrative tool for cybercriminals in a variety of campaigns. Researchers say the “highly competitive” loader, dubbed Buer, is intended for use by actors seeking a turn-key, off-the-shelf solution. Researchers say they have spotted the load...

7.3AI score
Exploits0References16
ThreatPost
ThreatPost
•added 2019/05/13 4:38 p.m.•254 views

ThreatList: Top 5 Most Dangerous Attachment Types

Researchers with F-Secure have tracked the top spam-related attachments and campaigns used so far in 2019. The verdict, ZIPs, PDF, and MS office files such as DOC and XLSM file attachments were more commonly used in huge spam campaigns than any other type attachment. In addition, researchers...

7.3AI score
Exploits0References15
Talos Blog
Talos Blog
•added 2019/05/02 7:4 a.m.•179 views

JasperLoader Emerges, Targets Italy with Gootkit Banking Trojan

Nick Biasini and Edmund Brumaghin authored this blog post with contributions from Andrew Williams. Introduction to JasperLoader Malware loaders are playing an increasingly important role in malware distribution. They give adversaries the ability to gain an initial foothold on a system and are...

0.5AI score
Exploits0
Rows per page
Query Builder