Tag: hackers

January 17, 2023

New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware to victim systems. GitHub Codespaces is a cloud-based configurable development environment that allows users to debug, maintain, and […]

January 11, 2023

Twitter has been going through a lot over the last few years, and its troubling past continues to haunt the social media giant. It was recently revealed that hackers had stolen the details of approximately 200 million Twitter users. The […]

January 10, 2023

The advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. “A copycat website, mimicking the Shagle service, […]

January 9, 2023

ChatGPT continues filling the headlines – but this time for all the wrong reasons, experts have warned. Cybersecurity researchers from Check Point Research (CPR) have observed the tool being used by cybercriminals to improve – and sometimes build from scratch […]

December 28, 2022

North Korean state-sponsored threat actors have been observed using ransomware against companies and organizations in neighboring South Korea for the first time, police have reported. According to the South China Morning Post, the South Korean National Police Agency said threat […]

December 27, 2022

A Chicago construction and engineering firm that designs power grids is telling consumers it detected “unauthorized activity” that resulted in the theft of names and Social Security numbers. According to a report by CNN, a memo distributed to members of […]

December 27, 2022

BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and […]

December 27, 2022

BTC.com is a website that provides services for managing and transferring Bitcoin, it offers a digital wallet for storing Bitcoin, a trading interface for exchanging Bitcoin with other cryptocurrencies and fiat currencies, and a mining platform for participating in the […]

December 21, 2022

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA). “The new […]

December 15, 2022

Web applications, often in the form of Software as a Service (SaaS), are now the cornerstone for businesses all over the world. SaaS solutions have revolutionized the way they operate and deliver services, and are essential tools in nearly every […]

December 15, 2022

Bug bounty hunter Sam Curry discovered a vulnerability in the SiriusXM Connected Vehicle Services telematics platform that allowed him to remotely perform unauthorized tasks in smart cars such as unlocking, starting the engine, and even honking any remotely connected Honda, […]

December 15, 2022

NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat actors. “The packages were part of a new attack vector, with attackers spamming the open-source ecosystem […]

December 14, 2022

It’s the most wonderful time of the year, but that sadly doesn’t mean that cyberthreats are any less prevalent. This Christmas, hackers and scammers will be looking to capitalise on the latest threats to find an angle that may let […]

December 13, 2022

The social media giant revealed in August that a vulnerability patched in January was exploited to obtain user data before a fix was rolled out. The admission came following reports that the flaw had been exploited to collect data on […]

December 8, 2022

A new set of web skimming attacks have been discovered by JavaScript monitoring company Jscrambler, including attacks using methods that are reportedly unrecognizable. In a blog post(opens in new tab), the company outlined how it detected a web skimming attack […]

November 29, 2022

Threat actors are capitalizing on a popular TikTok challenge to trick users into downloading information-stealing malware, according to new research from Checkmarx. The trend, called Invisible Challenge, involves applying a filter known as Invisible Body that just leaves behind a […]

November 11, 2022

The Australian Federal Police has revealed that those responsible for the data breach of Australian private health insurer Medibank are in Russia. On October 13, Medibank paused trading in the Australian Securities Exchange and announced there had been a “cyber […]

November 3, 2022

A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022. According to Singapore-headquartered […]

November 2, 2022

The file hosting giant said it learned about the breach on October 14, after being alerted by GitHub. A few weeks earlier, GitHub had warned that some of its users had been targeted in a phishing campaign impersonating the ​​continuous […]

October 31, 2022

A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones. The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug […]