A malicious crypto mining campaign codenamed 'REF4578,' has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off…
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber…
JAVS courtroom recording software backdoored in supply chain attack
Attackers have backdoored the installer of widely used Justice AV Solutions (JAVS) courtroom video recording software with malware that lets them…
Intercontinental Exchange to pay $10M SEC penalty over VPN breach
The Intercontinental Exchange (ICE) will pay a $10 million penalty to settle charges brought by the U.S. Securities and Exchange…
GhostEngine mining attacks kill EDR security using vulnerable drivers
A malicious crypto mining campaign codenamed 'REF4578,' has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off…
Attackers Planted Millions of Imageless Repositories on Docker Hub
The purported metadata for each these containers had embedded links to malicious files.
Millions of Docker repos found pushing malware, phishing sites
Three large-scale campaigns have targeted Docker Hub users, planting millions of repositories designed to push malware and phishing sites since…
Malicious AI models on Hugging Face backdoor users’ machines
At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can…
Ukraine Military Targeted With Russian APT PowerShell Attack
The attack, associated with Shuckworm, employs TTPs observed in prior campaigns against the Ukrainian military, predominantly using PowerShell.
BlueNoroff hackers backdoor Macs with new ObjCShellz malware
The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote…
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber…
The Fake Browser Update Scam Gets a Makeover
One of the oldest malware tricks in the book -- hacked websites claiming visitors need to update their Web browser…