Category: Uncategorized
-
Disney Investigating Hacker Group’s Data Theft Claims Eduard Kovacs
Disney has launched an investigation after a hacker group named NullBulge leaked data allegedly stolen from the company. The post Disney Investigating Hacker Group’s Data Theft Claims appeared first on SecurityWeek. Read More
-

Malicious npm Packages Found Using Image Files to Hide Backdoor Code [email protected] (The Hacker News)
Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands sent from a remote server. The packages in question – img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy – have been downloaded 190 and 48 times each. As of writing, they have been taken down by the npm security team.…
-
Kaspersky Leaving US Following Government Ban Eduard Kovacs
Kaspersky is shutting down operations in the US and laying off employees following the recent Commerce Department ban. The post Kaspersky Leaving US Following Government Ban appeared first on SecurityWeek. Read More
-

Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks [email protected] (The Hacker News)
The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its well-known tactic of deploying legitimate remote monitoring and management (RMM) software for maintaining persistent access. That’s according to independent findings from cybersecurity firms Check Point and Sekoia, which haveRead More
-

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer [email protected] (The Hacker News)
An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zero-day to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in mid-May 2024, the vulnerability – tracked as CVE-2024-38112 – was used as…
-

Kaspersky Exits U.S. Market Following Commerce Department Ban [email protected] (The Hacker News)
Russian security vendor Kaspersky has said it’s exiting the U.S. market nearly a month after the Commerce Department announced a ban on the sale of its software in the country citing a national security risk. News of the closure was first reported by journalist Kim Zetter. The company is expected to wind down its U.S.…
-

CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. GeoServer is an open-source software server written in Java that allows users to share and edit geospatial data. It is the reference implementation…
-

GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks [email protected] (The Hacker News)
Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on…
-
Data of Millions of mSpy Customers Leaked Online Ionut Arghire
Over 310 GB of data from mSpy, including 2.4 million email addresses and other user data, was leaked online. The post Data of Millions of mSpy Customers Leaked Online appeared first on SecurityWeek. Read More
-
IoT Security Firm Exein Raises $16.3 Million Ionut Arghire
IoT cybersecurity company Exein has raised €15 million (~$16.3 million) in a Series B funding round led by 33N. The post IoT Security Firm Exein Raises $16.3 Million appeared first on SecurityWeek. Read More
