Lucene search
K

22 matches found

The Hacker News
The Hacker News
added 2025/07/02 5:9 p.m.6 views

North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. "Unusually for macOS malware, the threat actors employ a process injection...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/11 2:35 p.m.23 views

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection...

6.5CVSS7.3AI score0.81817EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/14 11:0 a.m.18 views

AI-Powered Social Engineering: Ancillary Tools and Techniques

Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: 'As technology continues to evolve, so do cybercriminals'...

7AI score
Exploits0
HackRead
HackRead
added 2024/12/10 6:51 p.m.8 views

Black Basta Ransomware Uses MS Teams, Email Bombing to Spread Malware

The Black Basta ransomware group is using advanced social engineering tactics and a multi-stage infection process to target organizations...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/13 7:14 a.m.3 views

Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks

The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. "The campaign distributed the...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2024/05/23 1:0 p.m.12 views

Cyber Signals: Inside the growing risk of gift card fraud

In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. Microsoft Threat Intelligence has observed that gift cards are attractive targets for fraud and social engineering practices. Unlike credit or debit cards, there’s no customer name or bank...

7.5AI score
Exploits0
Cvelist
Cvelist
added 2023/11/15 12:0 a.m.34 views

CVE-2023-48199

HTML Injection vulnerability in the 'manageApiKeys' component in Grocy = 4.0.3 allows attackers to inject arbitrary HTML content without script execution. This occurs when user-supplied data is not appropriately sanitized, enabling the injection of HTML tags through parameter values. The attacker...

8.1AI score0.00502EPSS
Exploits1References4
OSV
OSV
added 2023/07/11 12:0 a.m.10 views

MAL-2023-1550 Malicious code in btc-api-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f59f6e40fe31bd4d5d4aa5da8bc0d032e2bbff9166104dc707c2987f953a5d93 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

7.2AI score
Exploits0References4
OSV
OSV
added 2023/07/06 12:0 a.m.10 views

MAL-2023-314 Malicious code in eth-api-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ae0229b0b9b6f52ad99cbadf592c4cd4a35c6b90764717a8d37ce843df055398 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/06/21 12:0 a.m.5 views

Malicious code in sync-http-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 666c54b1098d52ea02eebf562d8cf02c1a736ee608eb15029543afd5181e4094 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

6.9AI score
Exploits0References2
OSV
OSV
added 2023/06/21 12:0 a.m.9 views

MAL-2023-107 Malicious code in assets-graph (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e513e7556846ca62fa4d27646eef928d55f2c2954ce9caa51dd63643e2adf445 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

7AI score
Exploits0References2
OSV
OSV
added 2023/05/16 12:0 a.m.11 views

MAL-2023-1554 Malicious code in ipstringfy (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx deea2822e14722106952d830748fc4b8c86f7613827ea90caaeb796f9a9eb9f4 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

7.2AI score
Exploits0References1
OSV
OSV
added 2023/05/12 12:0 a.m.15 views

MAL-2023-975 Malicious code in xml2yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ede33f285ce592232ffffd5ea89eb8505d88e0d520640d52c721560d06d02f69 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

7AI score
Exploits0References2
The Hacker News
The Hacker News
added 2021/10/21 7:3 a.m.43 views

Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts

Since at least late 2019, a network of hackers-for-hire have been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder. That's according to a new report published by Google's...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/05/01 3:51 p.m.45 views

Mysterious database exposed personal information of 80 million US households

Word has broken of yet another massive data trove exposed for anyone to see. A research team from vpnMentor discovered an exposed 24GB database hosted on a Microsoft cloud server containing the addresses, income levels, and marital statuses of users within 80 million US households. As we’ve seen...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2019/03/05 9:0 p.m.58 views

RSA Conference 2019: BEC Scammer Gang Takes Aim at Boy Scouts, Other Nonprofts

SAN FRANCISCO – A Nigeria-based scammer gang dubbed “Scarlet Widow” has been launching email fraud attacks against thousands of targets – including universities, the Salvation Army, and Boy Scouts of America. Researchers with Agari detailed the attack during an RSA Conference session on Tuesday...

6.7AI score
Exploits0References3
Malwarebytes
Malwarebytes
added 2018/07/26 5:21 p.m.67 views

Introducing: Malwarebytes Browser Extension

Are you tired of all the unwanted content the world wide web offers up, whether you like it or not? It is our privilege to introduce you to the Malwarebytes Browser Extension BETA. Or, better said, the Malwarebytes Browser Extensions, because we have one for Firefox and one for Chrome. Introducti...

0.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/04/03 12:58 p.m.1355 views

Tech support scams persist with increasingly crafty techniques

Note: Our Tech support scams FAQ page has the latest info on this type of threat, including scammer tactics, fake error messages, and the latest scammer hotlines. You can also read our latest blog, New tech support scam launches communication or phone call app. Millions of users continue to...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2016/02/18 9:37 p.m.13 views

How Just Opening an MS Word Doc Can Hijack Every File On Your System

If you receive a mail masquerading as a company's invoice and containing a Microsoft Word file, think twice before clicking on it. Doing so could cripple your system and could lead to a catastrophic destruction. Hackers are believed to be carrying out social engineering hoaxes by adopting...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2014/01/20 12:43 a.m.16 views

U.S. based Cloud Hosting providers contribute 44% of Malware distribution

U.S. has the top Security Agencies like NSA, FBI to tackle cyber crime and terrorism with their high profile surveillance technologies, but even after that U.S is proudly hosting 44% of the entire cloud based malware distribution. With the enhancement in Internet technology, Cloud computing has...

6.7AI score
Exploits0
Rows per page
Query Builder