Glitch service abused to host short-lived phishing sites
Phishing actors are now actively abusing the Glitch platform to host short-lived credential-stealing URLs for free while evading detection and…
Here are the new Emotet spam campaigns hitting mailboxes worldwide
The Emotet malware kicked into action yesterday after a ten-month hiatus with multiple spam campaigns delivering malicious documents to mailboxes…
Microsoft warns of surge in HTML smuggling phishing attacks
Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans (RAT).…
New Application Security Toolkit Uncovers Dependency Confusion Attacks
The Dependency Combobulator is an open source Python-based toolkit that helps developers discover malicious software components that may have accidentally…
New Magecart group uses an e-Skimmer that avoids VMs and sandboxes
A new Magecart group leverages a browser script to evade virtualized environments and sandboxes used by researchers. Malwarebytes […] The…
Mozilla Thunderbird 91.3 released to fix high impact flaws
Mozilla released Thunderbird 91.3 to fix several high-impact vulnerabilities that can cause a denial of service, spoof the origin, bypass…
Popular ‘coa’ NPM library hijacked to steal user passwords
Popular npm library 'coa' was hijacked today with malicious code injected into it, ephemerally impacting React pipelines around the world.…
Trojan Source attack method allows hiding flaws in source code
Researchers devised a new attack method called ‘Trojan Source’ that allows hide vulnerabilities into the source code of […] The…
‘Trojan Source’ attack method can hide bugs into open-source code
Academic researchers have released details about a new attack method they call "Trojan Source" that allows injecting vulnerabilities into the…
New ‘Trojan Source’ Method Lets Attackers Hide Vulns in Source Code
Researchers discover a new technique attackers could use to encode vulnerabilities into software while evading detection.