Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls
Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while…
VSCode Marketplace can be abused to host malicious extensions
Threat analysts at AquaSec have experimented with the security of VSCode Marketplace and found that it's surprisingly easy to upload…
Extracting Encrypted Credentials From Common Tools
Attackers are harvesting credentials from compromised systems. Here's how some commonly used tools can enable this.
FIN7 hackers create auto-attack platform to breach Exchange servers
The notorious FIN7 hacking group uses an auto-attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate…
Ransomware Attackers Bypass Microsoft’s ProxyNotShell Mitigations With Fresh Exploit
The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.
Microsoft pushes emergency fix for Windows Server Hyper-V VM issues
Microsoft has released emergency out-of-band (OOB) Windows Server updates to address a known issue breaking virtual machine (VM) creation on…
Ransomware gang uses new Microsoft Exchange exploit to breach servers
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code…
Microsoft will turn off Exchange Online basic auth in January
Microsoft warned today that it will permanently turn off Exchange Online basic authentication starting early January 2023 to improve security.…
Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux
A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service…
Microsoft Patch Tuesday, December 2022 Edition
Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in…