Category: Uncategorized
-

Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws [email protected] (The Hacker News)
A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a “conflicted” individual straddling a legitimate career in cybersecurity and pursuing cybercrime. In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the…
-

North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages [email protected] (The Hacker News)
The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader. “These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits,…
-

Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data [email protected] (The Hacker News)
Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered by Socket, disgrasya, contained aRead More
-

SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack [email protected] (The Hacker News)
The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. “The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a…
-

Have We Reached a Distroless Tipping Point? [email protected] (The Hacker News)
There’s a virtuous cycle in technology that pushes the boundaries of what’s being built and how it’s being used. A new technology development emerges and captures the world’s attention. People start experimenting and discover novel applications, use cases, and approaches to maximize the innovation’s potential. These use cases generate significant value, fueling demand for the…
-
IPsec vs. SSL VPNs: What are the differences?
New technologies get all the headlines, but VPNs aren’t going away anytime soon. Speed and security are among the factors to consider when determining what type of VPN to use.Read More
-

Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware [email protected] (The Hacker News)
Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems. “A stack-based buffer overflow in…
-

OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers [email protected] (The Hacker News)
A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider called Proton66 to facilitate their operations. The findings come from DomainTools, which detected the activity after it discovered a phony website named cybersecureprotect[.]com hosted on Proton66 that masqueraded as an antivirus service. The threat intelligence firm said itRead…
-

CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware [email protected] (The Hacker News)
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use of compromised email accounts to send phishing messages containing links…
-

Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code [email protected] (The Hacker News)
A maximum severity security vulnerability has been disclosed in Apache Parquet’s Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances. Apache Parquet is a free and open-source columnar data file format that’s designed for efficient data processing and retrieval, providing support for complex data, high-performanceRead More
