Indian cyber mercenaries are hacking parties involved in lawsuits around the world, according to a treasure trove of thousands of email records found by…
Workflow Weaknesses In GitHub Actions Gave Applications Like Logstash Write Access
Worst-case possibilities included malicious builds and wider infrastructure compromise. Multiple workflows of the well-known continuous integration and continuous delivery (CI/CD) service GitHub Actions have been…
Malicious Npm Packages Target Discord Users Once More
A recent LofyLife campaign infects client files and obtains tokens to track user activity including logins, password changes, and payment methods. Researchers have discovered…
The US Government Alerts Citizens To The Rise in SMS Phishing Attempts
Americans have been alerted by the Federal Communications Commission (FCC) to an upsurge in SMS (Short Message Service) phishing attacks that aim to steal…
Numerous Android Apps On The Google Play Store Have Been Discovered To Drop Banking Malware
A malicious campaign used innocuous-looking Android dropper apps from the Google Play Store to infect consumers’ smartphones with banking malware.…
Framing without iframes
Recently, PortSwigger researchers discovered new techniques for framing a website without using the iframe element while researching XSS vectors. To include these, PortSwigger has…
Untangling KNOTWEED: A private European Offensive Actor Employing 0-Day Exploits
A private-sector offensive actor (PSOA) was discovered by the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) using a number…
The CISA Director Warns That Ransomware Hackers Will Continue To Target Smaller Critical Infrastructure
Brandon Wales, the executive director of CISA, spoke on how ransomware perpetrators target businesses of all sizes and how CISA wants firms to stop…
4 Steps the Financial Industry Can Take to Cope with Their Growing Attack Surface
The financial services sector has long been at the forefront of technology adoption, but the 2020 pandemic has hastened the adoption of chat-based customer…
Experts Discover Similarities Between BlackMatter Ransomware and New LockBit 3.0
The most recent version of the LockBit ransomware shares characteristics with BlackMatter, a renamed form of the DarkSide ransomware strain that went out of…