Hackers Weaponize Pentesting Tools With Malicious npm, PyPI, & Ruby Packages
Threat actors leverage Out-of-Band Application Security Testing (OAST) techniques in the npm, PyPI, and RubyGems ecosystems to carry out multi-stage attacks, establish command and control (C2) channels, and exfiltrate sensitive data.
OAST tools, which were...
New FireScam Android Malware Abusing Firebase Services To Evade Detection
FireScam, an information stealer malware with spyware capabilities, is being disseminated as a fake "Telegram Premium" application. The malware spreads through a phishing website on GitHub.io that imitates the legitimate RuStore app store.
The malware...
Malicious npm Packages Attacking Developers To Steal Sensitive Data Including Private Keys
A malicious npm campaign posing as Hardhat plugins and the Nomic Foundation has been observed targeting Ethereum developers to acquire private keys and other sensitive data.
Hardhat, maintained by the Nomic Foundation, is...
Memory-Based Attacks: How Fileless Malware Operates Without Leaving A Trace
Threat actors are always developing new and more effective approaches to system breaches in the perpetually shifting field of cybersecurity.
From basic computer viruses to the sophisticated persistent dangers of today, malware has developed extremely...
Top 5 Notable Cyber Attacks in December 2024
The cybersecurity research team at ANY.RUN, leveraging their Interactive Sandbox and Threat Intelligence Lookup tools, has uncovered and analyzed a range of emerging threats throughout December 2024.
The team highlighted fascinating trends and vital...
Malicious Apps On Amazon Appstore Records Screen & Intercept OTP’s
Recently, researchers discovered a seemingly harmless app called "BMI CalculationVsn" on the Amazon Appstore that masquerades as a normal health tool to steal data.
This application performs malicious actions like screen recording, retrieving a...
Raccoon Infostealer Admin Arrested for Hacking Computers
Mark Sokolovsky, a 28-year-old Ukrainian national, has been sentenced to 60 months in federal prison for his role in operating the notorious "Raccoon Infostealer" malware-as-a-service (MaaS). The sentencing marks a significant step in combating...
Beware Of Malicious SharePoint Notifications Delivering Xloader Malware
A sophisticated phishing campaign is exploiting fake Microsoft SharePoint notifications to distribute the Xloader malware.
This malicious operation, recently intercepted by Sublime Security, highlights the growing threat of cybercriminals leveraging legitimate platforms to bypass traditional defenses.
The...
New DDoS Malware “cShell” Exploit Linux Tools to Attack SSH Servers
The AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware, named cShell, targeting poorly managed Linux SSH servers (screen and hping3).
The malware exploits weak SSH credentials and leverages Linux...
FBI Warns Of HiatusRAT Attacking Web Cameras & DVRs To Gain Full Access
The Federal Bureau of Investigation (FBI) has issued a Private Industry Notification (PIN) alerting cybersecurity professionals and system administrators about a new threat targeting web cameras and digital video recorders (DVRs).
The malware, known...