Temporarily no new users welcome on PyPI due to malware
The Python repository felt compelled to intervene after packages were uploaded that executed malicious code on devices. Creating new projects was also temporarily impossible.
PyPI has since returned to normal operation. However, it was not possible to register and create projects for 10 hours. G...
StrelaStealer malware steals login credentials in Europe and U.S.
A new StrelaStealer malware campaign has affected more than 100 companies and organizations in the U.S. and Europe. Hackers are now also using ZIP files to spread the malware payload, Palo Alto Networks Unit42 concludes.
The StrelaStealer malware spread particularly quickly in November 2023, as ...
Chrome able to block 25 percent more phishing attempts
Google is improving phishing and malware protection for Chrome users. Websites are now monitored in real-time. This was necessary after Google found that malicious websites existed for an average of 10 minutes.
An update to the Safe Browsing feature, launched in 2005, should better protect Chro...
Thousands of websites infected via vulnerable Popup Builder plugin for WordPress
Hackers have infected more than 3,300 websites with malware in recent weeks, despite the fact that the vulnerability was discovered late last year. The vulnerability is present in outdated versions of the Popup Builder plugin.
The cross-site scripting vulnerability CVE-2023-6000 in Popup Builder...
State hackers actively misuse AI for debugging and malware creation
State-sponsored hackers from several countries actively use AI and LLMs to support their attack campaigns. Microsoft and OpenAI share how they are leveraging their research results to improve the security of AI tools.
According to Microsoft and OpenAI, state-sponsored hackers increasingly use AI...
Apple makes sideloading more dangerous than necessary to favour its App Store
Apple tries to keep its own App Store as secure as possible. While reports of Android malware circulate relatively often, dangerous iOS apps appear to rear their ugly heads far less often. Apple claims this is due to the full control it has over the App Store. As European legislation forces the comp...
How Chinese cyber spies targeted the Dutch Ministry of Defense
The Dutch Ministry of Defense discovered in 2023 that it was being spied on by China via malware. The damage appears to have been limited in scope, but Dutch intelligence services say Chinese state actors are frequently targeting the Netherlands and its allies.
The malware has been christened CO...
FBI proactively removes Chinese botnet malware on hundreds of SOHO routers
The FBI hindered the operations of the Chinese hacker gang Volt Typhoon yesterday. The U.S. security agency proactively removed these hackers' KV Botnet malware from hundreds of small business and home office (SOHO) routers. Potential new infections were also prevented.
According to the FBI...
Androxgh0st botnet steals AWS and Microsoft credentials
CISA and the FBI warn of a campaign aiming to steal cloud credentials. Cybercriminals are attempting to use the Androxgh0st malware to create a botnet that steals credentials from cloud services. This data is then used to deliver malicious payloads.
Androxgh0st is known as an "SMTP cracker," whi...
Microsoft blocks MSIX protocol handler
Microsoft has again blocked the MSIX ms-appinstaller protocol handler to prevent hackers from using it to infect Windows environments with ransomware.
Microsoft's research shows that malware attacks on Windows environments again exploit the CVE-2021-43890 Windows AppX Installer spoofing vulnerab...