相關新聞
Attackers Are Already Exploiting ChatGPT to Write Malicious Code
The AI-based chatbot is allowing bad actors with absolutely no coding experience to develop malware.
Dark Reading
2023年01月10日 297 觀看次數
Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL
The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. [...]
Bleepingcomputer
2023年01月10日 206 觀看次數
Severe Security Flaw Found in "jsonwebtoken" Library Used by 22,000+ Projects
A high-severity security flaw has been disclosed in the open source jsonwebtoken (JWT) library that, if successfully exploited, could lead to remote code execution on a target server. "By exploiting this vulnerability, attackers could achieve remote code execution (RCE) ...
The Hacker News
2023年01月10日 199 觀看次數
Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
The Russian cyberespionage group known as Turla has been observed piggybacking on attack infrastructure used by a decade-old malware to deliver its own reconnaissance and backdoor tools to targets in Ukraine. Google-owned Mandiant, which is tracking the operation under the uncategorized cluster moniker ...
The Hacker News
2023年01月08日 242 觀看次數
Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group "primarily targets cloud platforms offering limited-time trials of cloud resources...
The Hacker News
2023年01月07日 197 觀看次數
Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls
Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access. [...]
Bleepingcomputer
2023年01月07日 191 觀看次數
Twitter data dump: 200m+ account database now free to download
No passwords, but plenty of stuff for social engineering and doxxing
More than 200 million Twitter users' information is now available for anyone to download for free.…
The Register
2023年01月06日 259 觀看次數
New SHC-compiled Linux malware installs cryptominers, DDoS bots
A new Linux malware downloader created using SHC (Shell Script Compiler) has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. [...]
Bleepingcomputer
2023年01月05日 281 觀看次數
Rackspace confirms Play ransomware was behind recent cyberattack
Texas-based cloud computing provider Rackspace has confirmed that the Play ransomware operation was behind a recent cyberattack that took down the company's hosted Microsoft Exchange environments. [...]
Bleepingcomputer
2023年01月05日 260 觀看次數
Zoho urges admins to patch critical ManageEngine bug immediately
Business software provider Zoho has urged customers to patch a critical security flaw affecting multiple ManageEngine products. [...]
Bleepingcomputer
2023年01月05日 265 觀看次數
