Telegram zero-day allowed sending malicious Android APKs as videos
A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files.…
Security Threats Targeting Large Language Models
Evolving landscape of LLM Security The emergence of Large Language Models (LLMs) has revolutionized the capabilities of artificial intelligence, offering…
‘Crystalray’ Attacks Jump 10X, Using Only OSS to Steal Credentials
Remember when hackers used to write their own malware? Kids these days don't want to work, they just want freely…
Arc browser’s Windows launch targeted by Google ads malvertising
A new Google Ads malvertising campaign, coinciding with the launch of the Arc web browser for Windows, was tricking people into…
JAVS courtroom recording software backdoored in supply chain attack
Attackers have backdoored the installer of widely used Justice AV Solutions (JAVS) courtroom video recording software with malware that lets them…
Intercontinental Exchange to pay $10M SEC penalty over VPN breach
The Intercontinental Exchange (ICE) will pay a $10 million penalty to settle charges brought by the U.S. Securities and Exchange…
GhostEngine mining attacks kill EDR security using vulnerable drivers
A malicious crypto mining campaign codenamed 'REF4578,' has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off…
Attackers Planted Millions of Imageless Repositories on Docker Hub
The purported metadata for each these containers had embedded links to malicious files.
Millions of Docker repos found pushing malware, phishing sites
Three large-scale campaigns have targeted Docker Hub users, planting millions of repositories designed to push malware and phishing sites since…
Malicious AI models on Hugging Face backdoor users’ machines
At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can…