41 matches found
Hackers Hide Malware in Fake DeepSeek PyPI Packages
Malicious DeepSeek packages on PyPI spread malware, stealing sensitive data like API keys. Learn how this attack targeted developers and how to protect yourself...
'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread
A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service DaaS that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year. The network, which comprises over 3,000...
Over 100 Malicious AI/ML Models Found on Hugging Face Platform
As many as 100 malicious artificial intelligence AI/machine learning ML models have been discovered in the Hugging Face platform. These include instances where loading a pickle file leads to code execution, software supply chain security firm JFrog said. "The model's payload grants the attacker a...
PT-2023-3875
Name of the Vulnerable Software and Affected Versions MikroTik RouterOS versions prior to 6.49.7 MikroTik RouterOS long-term versions prior to 6.48.7 Description The issue is related to a privilege escalation problem in the Winbox and HTTP interfaces of MikroTik RouterOS. A remote and authenticat...
Malicious code in tpstudyed (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx e23727ae8a6fc41ea3192f6364598d22b82aa7e1f285f40cfc9cb7baedda86a8 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in libmineurl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ee5b64de705122b5e4c366fad9b7d00ad56081a9a41e34b18897bdd017782c69 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Brave Software: S3 Bucket Takeover : brave-apt
An unclaimed S3 bucket was found on the domain brave.com, which was being used in the installation of brave-browser in Linux distros. An attacker could have taken over the S3 bucket and used it to spread malware or create a fake login page to spoof users. The vulnerability was reported to the...
A week in security (September 19 – 25)
Last week on Malwarebytes Labs: Hookup site targeted by typo-squatters American Airlines suffers data breach after phishing incident Grand Theft Auto 6 suffers grand theft EDR vs MDR vs XDR - Whats the Difference? Scammers send fake 'Energy Bills Support Scheme' texts Tax refund phish logs...
COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware
As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to...
Hackers can use flaw in Philips smart light bulbs to spread malware
By Sudais Asif Hackers can use this vulnerability to carry out a wide range of cyber attacks including ransomware infection. This is a post from HackRead.com Read the original post: Hackers can use flaw in Philips smart light bulbs to spread malware...
We All Could Pay a Price for the Latest Slap at Huawei
An international cybersecurity group has evicted the Chinese telecom company to comply with US sanctions. That could allow malware to spread more easily...
New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware
Researchers have identified a new threat actor that is using impersonation fraud to purchase digital certificates that are then used for the spread of malware. Security firm ReversingLabs identified a bad actor that deceives certificate authorities into selling them legitimate digital certificate...
Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors
Canadian government regulators are using the country's powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software. In March 2019, the Canadian Radio-television and Telecommunications Commission CRTC --...
Foscam camera FTP Server Account Empty Password Vulnerability
Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly through WIFI. Foscam camera FTP server has an account empty password vulnerability, due to the user account of the built-in FTP server is empty password. Attackers can then access the...
WhatsApp : XSS vulnerability can be misused for Spreading Malware
WhatsApp XSS vulnerability can be misused for Spreading Malware Little Insight: According to FACEBOOK,This XSS could take advantage of the known domain to make phishing attacks easier or can be misused for Spreading Malware Reward For Whatsapp XSS Vulnerability : 1000$ My Finding.... Domain:...
Automattic: CSV Injection in polldaddy.com
Hello, We can inject commands in any fields of a member in an email group =210 for example, and when it's exported to CSV it will be evaluated to 20 in the corresponding cell, this enables an attacker to spread malware and execute system level commands on a victim's machine if the victim download...
Trello: CSV Injection
Hello, We can inject commands in the name field of a board =210 for example, and when it's exported to CSV it will be evaluated to 20 in the corresponding cell, this enables an attacker to spread malware and execute system level commands on a victim's machine if the victim downloaded the CSV file...
Threat Outbreak Alert: Fake Product Purchase Order Email Messages on October 1, 2013
Medium Alert ID: 31068 First Published: 2013 October 1 14:04 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product order for the recipient. The text in the email message attempts to convince the recipient to open the...
New Ramnit Variant Is Stealing Facebook Credentials
The Ramnit worm, which was first detected more than 18 months ago, has continued to evolve and now has spawned a version that is targeting victims’ Facebook credentials, and with great success. Researchers at Seculert in Israel have found a variant of Ramnit that is stealing those credentials and...
Spammers Moving to Disposable Domains
Spammers and the botnet operators they’re allied with are continuing to adapt their techniques to evade security technologies, and now are using what amount to disposable domains for their activities. A new report shows that the spammers are buying dozens of domains at a time and moving from one ...