Hackers breach ISP to poison software updates with malware
A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware.…
StackExchange abused to spread malicious PyPi packages as answers
Threat actors uploaded malicious Python packages to the PyPI repository and promoted them through the StackExchange online question and answer platform. [...]
Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool…
Windows 11 taskbar has a hidden “End Task” feature, how to turn it on
Microsoft has added a feature to Windows 11 that allows you to end tasks directly from the taskbar. [...]
French police push PlugX malware self-destruct payload to clean PCs
The French police and Europol are pushing out a "disinfection solution" that automatically removes the PlugX malware from infected devices…
CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool
A new threat actor known as CRYSTALRAY has significantly broadened its targeting scope with new tactics and exploits, now counting…
ViperSoftX malware covertly runs PowerShell using AutoIT scripting
The latest variants of the ViperSoftX info-stealing malware use the common language runtime (CLR) to load and execute PowerShell commands…
Supreme Court dismisses state challenges to red state restrictions on social media platforms
The Supreme Court on Monday weighed in on Florida and Texas laws that aimed to restrict how large social media companies…
Polyfill claims it has been ‘defamed’, returns after domain shut down
The owners of Polyfill.io have relaunched the JavaScript CDN service on a new domain after polyfill.io was shut down as…
Plugins on WordPress.org backdoored in supply chain attack
A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that…