Shaarli Daily

All links of one day on a single page.

December 1, 2024

Several attempts: The Luxembourg state targeted by cyberattacks

After a first attack in the spring, the Luxembourg state's websites were targeted again on October 23 by a "DDoS" attack.

Gaming Engines: An Undetected Playground for Malware Loaders

  • Check Point Research discovered a new technique taking advantage of Godot Engine, a popular open-source game engine, to execute crafted GDScript code, which triggers malicious commands and delivers malware. The technique remains undetected by almost all antivirus engines in VirusTotal.
  • Check Point identified GodLoader, a loader that employs this new technique. The threat actor behind this malware has been utilizing it since June 29, 2024, infecting over 17,000 machines.
  • The malicious GodLoader is distributed by the Stargazers Ghost Network, a GitHub network that distributes malware as a service. Throughout September and October, approximately 200 repositories and over 225 Stargazers were used to legitimize the repositories distributing the malware.
  • This new technique allows threat actors to target and infect devices across multiple platforms, such as Windows, macOS, Linux, Android, and iOS.
  • Check Point Research demonstrates how this multi-platform technique can successfully drop payloads in Linux and macOS.
  • A potential attack can target over 1.2 million users of Godot-developed games. These scenarios involve taking advantage of legitimate Godot executables to load malicious scripts in the form of mods or other downloadable content.

Starbucks, grocery stores impacted by Blue Yonder ransomware attack - Help Net Security

Supply chain management SaaS vendor Blue Yonder experienced a ransomware attack that impacted big companies like Starbucks.

RobotDropper Automates the Delivery of Multiple Infostealers

BlackBerry is tracking a new campaign that delivers Trojanized MSI files that utilize DLL sideloading to execute LegionLoader, a malicious program typically used to distribute multiple infostealers on the victim’s system.

PHP Reinfector and Backdoor Malware Target WordPress Sites

Understand the threat of PHP reinfector malware on WordPress sites, compromising plugins like Imagify and using malicious admin users.