Jan 19, 2023Ravie LakshmananThreat Intelligence / Malware Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID,… Continue reading
Tag: Malicious
Wow, even the FBI is recommending people use adblockers to combat malicious search engine advertising
If you need another reason to be more careful online, try this: The FBI is warning people of a new shady tactic cyber criminals are using to trick… Continue reading
Jan 09, 2023Ravie LakshmananNetwork Security / Supply Chain In yet another campaign targeting the Python Package Index (PyPI) repository, six malicious packages have been found deploying information stealers… Continue reading
Hackers Can Abuse Visual Studio Marketplace to Target Developers with Malicious Extensions
Jan 09, 2023Ravie LakshmananSupply Chain / CodeSec A new attack vector targeting the Visual Studio Code extensions marketplace could be leveraged to upload rogue extensions masquerading as their… Continue reading
Jan 02, 2023Ravie LakshmananSupply Chain / Machine Learning The maintainers of the PyTorch package have warned users who have installed the nightly builds of the library between December… Continue reading
Dec 28, 2022Ravie LakshmananMalware / Windows Security Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led… Continue reading
Dec 19, 2022Ravie LakshmananSoftware Security / Supply Chain Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development… Continue reading
Dec 15, 2022Ravie Lakshmanan NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat… Continue reading
New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an “unexpected behavior” in the npm command… Continue reading
A malicious Android SMS application found on the Google Play Store has been found to stealthily harvest text messages with the goal of creating accounts on a wide… Continue reading