OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

16/04/2024 0 Comments 0 tags

Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source XZ Utils project.

Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown

16/04/2024 0 Comments 0 tags

Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird). The

Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks

15/04/2024 0 Comments 0 tags

The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data. “Organizations often store a

AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

15/04/2024 0 Comments 0 tags

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised

Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw

15/04/2024 0 Comments 0 tags

A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

15/04/2024 0 Comments 0 tags

Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical

Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

15/04/2024 0 Comments 0 tags

Cybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. “The latest iteration of LightSpy,

Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution

15/04/2024 0 Comments 0 tags

To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to privileged identity management aims to mitigate

U.S. Treasury Hamas Spokesperson for Cyber Influence Operations

13/04/2024 0 Comments 0 tags

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir ‘Abdallah

Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts

13/04/2024 0 Comments 0 tags

A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million.