Developers in the cryptocurrency sphere are being targeted once again, as yet another threat actor has been exposed. This user has been publishing malicious NPM packages with the purpose of exfiltrating sensitive data such as source code and configuration files from the victim’s machines. The threat actor behind this campaign has been linked to malicious activity dating back to 2021. Since then, they have continuously published malicious code.
Chinese sextortion scam accounts flood X (previously Twitter) after the platform introduced a blue-check policy allowing users to buy verified badges.
Hackers are modifying the open source code of a popular malware strain, adding tools and functions that make it easier to steal data.
An unknown number of LogicMonitor's customers have been hacked due to the fact that the company set weak default passwords.
A WIRED investigation into a cache of documents posted by an unknown figure lays bare the Trickbot ransomware gang’s secrets, including the identity of a central member.
On Tuesday, August 29, 2023, the Federal Bureau of Investigations Los Angeles announced that they and other international partners disrupted the Qakbot malware infrastructure in a successful takedown.
First things first, this is awesome!!!
We're sharing a look into our defense strategy and the latest news on how we build it into our products.
A recent study shows that de-platforming hate networks reduces consumption and production of hateful content on Facebook and diminishes the ability of these hate networks to operate online.
We’re sharing new threat research on two of the largest known covert influence operations in the world from China and Russia, targeting 50+ apps and countries, including the US.
We added new transparency features to Threads, including state-controlled media labels to help people know exactly who they interact with on the new app.
NightOwl was supposed to make Macs work in dark mode. After a recent update, one developer discovered it was siphoning users’ data through a botnet.
A comprehensive exploration of DuckTail's sophisticated infrastructure and insights gained from months of monitoring.
Active since 2007, this prolific malware (also known as QBot or Pinkslipbot) evolved over time using different techniques to infect users and compromise systems. Qakbot infiltrated victims’ computers through spam emails containing malicious attachments or hyperlinks. Once installed on the targeted computer, the malware allowed for infections with next-stage payloads such as ransomware. Additionally, the infected computer became part of...
ESET researchers uncover a toolkit that operates as a Telegram bot and helps scammers target victims on online marketplaces, mainly in Russia.
The sabotage of more than 20 trains in Poland by apparent supporters of Russia was carried out with a simple “radio-stop” command anyone could broadcast with $30 in equipment.
Qakbot, one of the largest and longest-running botnets to date, was taken down following a multinational law enforcement operation spearheaded by the FBI and known as Operation 'Duck Hunt.'
UNC4841 has continued operations despite Barracuda ESG zero-day remediation efforts.
A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks.
Discover the lifecycle of a commercial web traffic filtering service originating from a GitHub project and how it found success within phishing operations, including how it evolved into a commercial platform offering under new branding.
International cybercrime, as portrayed by the movies and mass media, is a high-stakes game of shadowy government agencies and state-sponsored hacking groups. Hollywood casting will wheel out a charact...
The 18 year old leaked clips of the unreleased Grand Theft Auto 6 game while on police bail.
The Rust Security Response WG and the crates.io team were notified on 2022-05-02 of the existence of the malicious crate rustdecimal, which contained malware. The crate name was intentionally similar to the name of the popular rust_decimal crate, hoping that potential victims would misspell its name (an attack called "typosquattin
olish intelligence services are investigating a hacking attack on the country's railways, Polish media say.
Hackers broke into railway frequencies to disrupt traffic in the north-west of the country overnight, the Polish Press Agency (PAP) reported on Saturday.
The signals were interspersed with recording of Russia's national anthem and a speech by President Vladimir Putin, the report says.
