Tag: security
MacOS devices are being targeted with PyPI backdoor to sneak into corporate networks
Security researchers have spotted a new campaign seeking to gain access to corporate networks by targeting macOS devices and employing impersonation/typosquatting on PyPI and steganography to compromise the endpoints. Researcjers from Phylum, which first observed the attack, unnamed threat actors created what seems to be a fork of the “requests”…
Read More
Android malware poses as top apps to steal data — Google, Instagram, WhatsApp all spoofed
Multiple malicious Android applications have been spotted masquerading as some of the platform’s most popular tools, but anyone installing the imposters might get their login credentials or other, very sensitive information stolen from their device. A report from cybersecurity researchers SonicWall Capture Labs described observing multiple apps pretending to be…
Read More
Top conservative news website hit in data breach — around 26 million Post Millennial users affected
More than 26 million people have had their personal data exposed on the dark web following a cyberattack on Post Millennial and Human Events. Post Millennial and Human Events are conservative media publications – the former for the Canadian market, and the latter for the US, owned by the Human…
Read More
Modems used in many industrial IoT sectors could be easily hacked
Modems used in many industrial Internet of Things (IoT) devices can easily be hacked, allowing threat actors root access, remotely and without authentication. The result could be highly disruptive, as many industries rely on IoT devices and other internet-connected sensors for proper operations of entire facilities. A report from cybersecurity…
Read More
LLM services are being hit by hackers looking to sell on private info
Using cloud-hosted large language models (LLM) can be quite expensive, which is why hackers have apparently begun started stealing, and selling, login credentials to the tools. Cybersecurity researchers Sysdig Threat Research Team recently spotted one such campaign, dubbing it LLMjacking. In its report, Sysdig said it observed a threat actor…
Read More
A new Spectre-esque cyberattack has been found — Intel CPUs under attack once again by encryption-cracking campaign
Academic researchers from multiple universities recently discovered a new Spectre-like method of extracting secrets from modern Intel processors. However, Intel says that the original Spectre mitigation fixes these flaws, too. A group of researchers from the University of California San Diego, Purdue University, UNC Chapel Hill, Georgia Institute of Technology,…
Read More