A Chinese threat actor infiltrated several IT and security companies in a bring-your-own VS code, with an eye to carrying out a supply-chain-based espionage attack.
In this article, I explained how I could compromise the sysupgrade.openwrt.org service by exploiting the command injection and the SHA-256 collision.
As I never found the hash collision attack in a real-world application, I was surprised that I could successfully exploit it by brute-forcing hashes.
The investigation began in the autumn of 2022, following reports of fraudulent phone calls in which scammers impersonated bank employees to extract sensitive information, such as addresses and security answers, from victims. The stolen data was traced back to a specialised online marketplace that operated as a central hub for the trade of illegally obtained information.A central hub for cyber...
Smartphone apps downloaded from Apple and Google can allow parents and other abusers to connect with pedophiles who pay to watch — and direct — criminal behavior.
Apple's macOS has been under siege in 2024 as malware-as-a-service platforms and AI-driven threats make the year a turning point for Mac security.
A deep dive into macOS malware this year.
Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) -- such as .shop, .top, .xyz -- that attract scammers with rock-bottom…
See technical analysis of a zero-day attack that uses corrupted malicious files to bypass detection by advanced security systems.
The team at CYFIRMA analyzed a malicious Android sample designed to target high-value assets in Southern Asia. This sample, attributed to an unknown threat actor, was generated using the Spynote Remote Administration Tool. While the specifics of the targeted asset remain confidential, it is likely that such a target would attract the interest of APT groups. However, we are restricted from disclosing further details about the actual target and its specific region. For a comprehensive analysis, please refer to the detailed report
Officials from EU anti-fraud office were allegedly followed, wiretapped and had their laptops hacked by Hungary’s intelligence agency.
Some users are still lamenting issues in using the encrypted email service
Cado Security Labs details the discovery of a new cross-platform information stealer malware dubbed "Meeten" targeting macOS and Windows users.
Two NHS trusts in England have been hacked in recent weeks, the latest attacks to hit the national health service.
FBI and CISA officials have advised Americans to use encrypted call and messaging apps to protect their communications from threat actors.
This guide provides network engineers and defenders of communications infrastructure with best practices to strengthen their visibility and harden their network
Anna Jaques Hospital revealed that the ransomware attack it suffered last year has exposed sensitive health data for over 316,000 patients.
TL;DR: zizmor would have caught the vulnerability that caused this…mostly. Read on for details.
The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI)
Key findings from our analysis include:
Advanced Surveillance Capabilities:
Comprehensive Data Exfiltration:
Persistence Mechanisms:
Abuse of Legitimate Services:
Indicators of Compromise (IoCs):
Need for Collective Protection:
