Malicious Archives - NuclearCoffee

Hacker news

New Research Delves into the World of Malicious LNK Files and Hackers Behind Them

On Jan 19, 2023 1:33 pm, by NuclearCoffee

Jan 19, 2023Ravie LakshmananThreat Intelligence / Malware Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID,… Continue reading

PcGamer

Wow, even the FBI is recommending people use adblockers to combat malicious search engine advertising

On Jan 18, 2023 9:06 pm, by NuclearCoffee

If you need another reason to be more careful online, try this: The FBI is warning people of a new shady tactic cyber criminals are using to trick… Continue reading

Hacker news

Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls

On Jan 09, 2023 10:25 am, by NuclearCoffee

Jan 09, 2023Ravie LakshmananNetwork Security / Supply Chain In yet another campaign targeting the Python Package Index (PyPI) repository, six malicious packages have been found deploying information stealers… Continue reading

Hacker news

Hackers Can Abuse Visual Studio Marketplace to Target Developers with Malicious Extensions

On Jan 09, 2023 8:23 am, by NuclearCoffee

Jan 09, 2023Ravie LakshmananSupply Chain / CodeSec A new attack vector targeting the Visual Studio Code extensions marketplace could be leveraged to upload rogue extensions masquerading as their… Continue reading

Hacker news

PyTorch Machine Learning Framework Compromised with Malicious Dependency

On Jan 02, 2023 3:34 pm, by NuclearCoffee

Jan 02, 2023Ravie LakshmananSupply Chain / Machine Learning The maintainers of the PyTorch package have warned users who have installed the nightly builds of the library between December… Continue reading

Hacker news

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

On Dec 28, 2022 9:27 am, by NuclearCoffee

Dec 28, 2022Ravie LakshmananMalware / Windows Security Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led… Continue reading

Hacker news

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

On Dec 19, 2022 7:03 pm, by NuclearCoffee

Dec 19, 2022Ravie LakshmananSoftware Security / Supply Chain Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development… Continue reading

Hacker news

Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages

On Dec 15, 2022 9:16 am, by NuclearCoffee

Dec 15, 2022Ravie Lakshmanan NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat… Continue reading

Hacker news

Researchers Find a Way Malicious NPM Libraries Can Evade Vulnerability Detection

On Nov 30, 2022 2:46 pm, by NuclearCoffee

New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an “unexpected behavior” in the npm command… Continue reading

Hacker news

This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple Platforms

On Nov 30, 2022 12:44 pm, by NuclearCoffee

A malicious Android SMS application found on the Google Play Store has been found to stealthily harvest text messages with the goal of creating accounts on a wide… Continue reading

Tag: Malicious

Stay Connected