A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package
Any app that can improve business operations is quickly added to the SaaS stack. However, employees don’t realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of
Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations “out of an abundance of caution” after it
A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by
Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000 websites. The flaw, if left unresolved, could enable
Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI’s ChatGPT service to harvest Facebook session cookies and hijack the
An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. “Nexus appears to be in its early stages of
In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate security budgets have risen significantly because of the growing sophistication
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese
German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked as Kimsuky using rogue browser extensions to steal users’ Gmail inboxes. The joint advisory comes from Germany’s domestic