Security News

Filter by:

Attackers Are Already Exploiting ChatGPT to Write Malicious Code

The AI-based chatbot is allowing bad actors with absolutely no coding experience to develop malware.
Dark Reading 10 Jan 2023 590 Views

Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL

The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. [...]
Bleepingcomputer 10 Jan 2023 656 Views

Severe Security Flaw Found in "jsonwebtoken" Library Used by 22,000+ Projects

A high-severity security flaw has been disclosed in the open source jsonwebtoken (JWT) library that, if successfully exploited, could lead to remote code execution on a target server. "By exploiting this vulnerability, attackers could achieve remote code execution (RCE) ...
The Hacker News 10 Jan 2023 419 Views

Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors

The Russian cyberespionage group known as Turla has been observed piggybacking on attack infrastructure used by a decade-old malware to deliver its own reconnaissance and backdoor tools to targets in Ukraine. Google-owned Mandiant, which is tracking the operation under the uncategorized cluster moniker ...
The Hacker News 8 Jan 2023 496 Views

Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub

A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group "primarily targets cloud platforms offering limited-time trials of cloud resources...
The Hacker News 7 Jan 2023 431 Views

Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls

Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access. [...]
Bleepingcomputer 7 Jan 2023 406 Views

Twitter data dump: 200m+ account database now free to download

No passwords, but plenty of stuff for social engineering and doxxing More than 200 million Twitter users' information is now available for anyone to download for free.…
The Register 6 Jan 2023 6027 Views

New SHC-compiled Linux malware installs cryptominers, DDoS bots

A new Linux malware downloader created using SHC (Shell Script Compiler) has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. [...]
Bleepingcomputer 5 Jan 2023 629 Views

Rackspace confirms Play ransomware was behind recent cyberattack

Texas-based cloud computing provider Rackspace has confirmed that the Play ransomware operation was behind a recent cyberattack that took down the company's hosted Microsoft Exchange environments. [...]
Bleepingcomputer 5 Jan 2023 673 Views

Zoho urges admins to patch critical ManageEngine bug immediately

Business software provider Zoho has urged customers to patch a critical security flaw affecting multiple ManageEngine products. [...]
Bleepingcomputer 5 Jan 2023 649 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY