Category: security

Windows PCs are now being hit by dangerous malware — here’s the steps you need to take to stay safe

It’s been a while since we heard about malware hiding in PyPI packages, but researchers have now reported finding almost a dozen lurking on the open source Python Package Index (PyPI) repository. Cybersecurity researchers from Fortinet’s FortiGuard Labs found nine packages delivering the WhiteSnake Stealer. The packages are called nigpal,…

Read More

Anthropic confirms it suffered a data leak — AI wunderkid says human error behind customer info breach

Anthropic has confirmed it recently suffered a data leak when a contractor mistakenly sent a file with sensitive data to an unauthorized third party.  The news was confirmed in a letter sent to affected customers of the LLM and chatbot firm seen by VentureBeat, which also spoke to company representatives.…

Read More

“The frequency at which many apps send device information…is mind-blowing” — popular iPhone apps are stealing your data using iOS push notifications, here’s what you need to do to stay safe

Some of the most popular iOS apps have been found to be working around Apple’s terms of service to collect sensitive information about the devices they’re installed on.  According to the researcher that discovered the practice, this is a big deal because the app’s vendors can use this data to…

Read More

Millions at risk as popular WordPress database plugin is targeted by hackers — here’s what WordPress site owners need to know

A popular WordPress vulnerability has been found carrying a critical vulnerability which allowed hackers to attack websites, steal sensitive data, and even force them offline.  The vulnerability, tracked as CVE-2023-6933, was discovered by WordPress security experts Wordfence, and subsequently fixed by the plugin’s vendor, WP Engine. The flaw consisted of…

Read More

Abuse of residential proxy services, password spray key to Midnight Blizzard attacks, warns Microsoft — here’s what that means for you

The recent Midnight Blizzard attacks on Microsoft and HPE may be just the beginning, with the Russian threat actors are already targeting more global organizations, the former has warned. In its detailed breakdown of the threat actor and the attack on its infrastructure, the Microsoft Threat Intelligence team noted, “This…

Read More

This top Microsoft Office alternative has been hijacked by Chinese hackers — and their malware is coming for your devices

Chinese hackers are hijacking legitimate software updates to deliver backdoors capable of stealing sensitive information from the target endpoints, experts have warned.  A new report from cybersecurity researchers ESET recently observed a previously unknown threat actor which they dubbed Blackwood.  This group, which apparently is on the Chinese government’s payroll,…

Read More