Tag: malicious
-
Hacker Exploits AI Art Tool to Steal 1.1TB of Disney Data
California Man Pleads Guilty to Two Felony Charges Related to Hacking Employee’s PC. A California man agreed to plead guilty to hacking a Disney employee’s personal computer and stealing over one terabyte of confidential company data. Authorities say the man posted a malicious artificial intelligence art application online and used it to steal an employee’s…
-
Critical AWS Amplify Studio Flaw Allowed Attackers to Execute Arbitrary Code
Amazon Web Services (AWS) has addressed a critical security flaw (CVE-2025-4318) in itsAWS Amplify Studioplatform, which could have allowed authenticated attackers to execute malicious JavaScript code during component rendering. The vulnerability, publicly disclosed on May 5, 2025, affects the amplify-codegen-ui package, a core tool for generating front-end code in Amplify Studio. Vulnerability Details The flaw resides in…
-
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that masquerades as a seemingly harmless Discord-related utility but incorporates a remote access trojan.The package in question is discordpydebug, which was uploaded to PyPI on March 21, 2022. It has been downloaded 11,574 times and continues to be available on the…
-
Stealth Is the Strategy: Rethinking Infrastructure Defense
Tags: access, ai, attack, breach, cisco, cloud, cybersecurity, data, defense, edr, endpoint, espionage, exploit, finance, firewall, gartner, google, group, infrastructure, injection, ivanti, malicious, monitoring, network, resilience, risk, strategy, technology, threat, tool, vpn, vulnerability, zero-day, zero-trust -
Linux wiper malware hidden in malicious Go modules on GitHub
A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/linux-wiper-malware-hidden-in-malicious-go-modules-on-github/
-
New ClickFix Attack Imitates Ministry of Defence Website to Target Windows Linux Systems
Tags: attack, cyber, cyberattack, government, india, infection, intelligence, linux, malicious, malware, threat, windowsA newly identified cyberattack campaign has surfaced, leveraging the recognizable branding of India’s Ministry of Defence to distribute cross-platform malware targeting both Windows and Linux systems. Uncovered by threat intelligence researchers at Hunt.io, this operation employs a ClickFix-style infection chain, mimicking official government press release portals to lure unsuspecting users into executing malicious payloads. The…
-
CISA Issues Alert on Langflow Vulnerability Actively Exploited in Attacks
Tags: attack, cisa, cyber, cybersecurity, exploit, flaw, framework, infrastructure, malicious, open-source, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding an actively exploited vulnerability in Langflow, a popular open-source framework for building language model applications. Tracked as CVE-2025-3248, the flaw allows unauthenticated attackers to execute malicious code remotely, posing significant risks to organizations using the platform. Vulnerability Details The critical flaw resides in Langflow’sapi/v1/validate/codeendpoint,…
-
Windows Deployment Services Hit by 0-Click UDP Flaw Leading to System Failures
Tags: authentication, cyber, exploit, flaw, malicious, microsoft, network, remote-code-execution, service, windowsA newly discoveredpre-authentication denial-of-service (DoS) vulnerabilityin Microsoft’s Windows Deployment Services (WDS) exposes enterprise networks to instant system crashes via malicious UDP packets. Dubbed a “0-click” flaw, attackers can exploit it remotely without user interaction, draining server memory until critical services fail. While much attention focuses on remote code execution bugs, memory exhaustion vulnerabilities in UDP-based services like…
-
Man pleads guilty to using malicious AI software to hack Disney employee
Fake image-generating app allowed man to download 1.1TB of Disney-owned data. First seen on arstechnica.com Jump to article: arstechnica.com/ai/2025/05/man-pleads-guilty-to-using-malicious-ai-software-to-hack-disney-employee/
-
Hundreds of e-commerce sites hacked in supply-chain attack
Attack that started in April and remains ongoing runs malicious code on visitors’ devices. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/05/hundreds-of-e-commerce-sites-hacked-in-supply-chain-attack/
-
Darcula PhaaS steals 884,000 credit cards via phishing texts
The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/darcula-phaas-steals-884-000-credit-cards-via-phishing-texts/
-
Darcula PhaaS steals 884,000 credit cards via SMS phishing texts
The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/darcula-phaas-steals-884-000-credit-cards-via-sms-phishing-texts/
-
Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers
Tags: attack, backdoor, control, cyber, cybersecurity, exploit, hacker, injection, malicious, software, supply-chain, vulnerabilityCybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21 popular e-commerce applications, granting hackers full control over hundreds of online stores. This malicious campaign, which began with the injection of backdoors as early as six years ago, was activated this week, exposing vulnerabilities in software from vendors such as Tigren,…
-
Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware
The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its focus to corporate Human Resources (HR) departments with a highly targeted spear-phishing operation. According to research by Arctic Wolf Labs, the group is leveraging legitimate job platforms and messaging services to send fraudulent job applications laced with malicious resumes. These deceptive…
-
Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials
The Seqrite Labs APT team has uncovered a sophisticated cyber campaign by the Pakistan-linked Transparent Tribe (APT36) targeting Indian Government and Defense personnel. This operation, centered around the recent Pahalgam terror attack on April 22, 2025, leverages emotionally charged themes to distribute phishing documents and deploy malicious payloads. Exploiting Geopolitical Tensions for Cyber Espionage The…
-
Top cybersecurity products showcased at RSA 2025
Tags: access, ai, attack, automation, awareness, breach, cisco, compliance, control, crowdstrike, cyber, cybersecurity, data, defense, detection, edr, email, firewall, fortinet, framework, identity, incident response, infrastructure, injection, intelligence, login, malicious, open-source, phishing, risk, siem, soc, threat, tool, training, update, vulnerability, zero-trustCisco: Foundational AI Security Model: Cisco introduced its Foundation AI Security Model, an open-source framework designed to standardize safety protocols across AI models and applications. This initiative aims to address the growing concerns around AI security and ensure Safer AI deployments. Cisco also unveiled new agentic AI features in its XDR and Splunk platforms, along…
-
Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims
A recent investigation by cybersecurity firm EclecticIQ, in collaboration with threat hunters, has exposed a surge in malicious activity tied to the Luna Moth hacking group. The actors are now leveragingfake helpdesk-themed domainsto impersonate legitimate businesses and steal sensitive data. This campaign, first detected in March 2025, primarily targets law firms and corporate entities. How…
-
Sansec uncovered a supply chain attack via 21 backdoored Magento extensions
Supply chain attack via 21 backdoored Magento extensions hit 5001,000 e-stores, including a $40B multinational. Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. Curiously, the malicious code was injected 6 years ago, but the supply chain attack was…
-
Malicious Go Modules Discovered Wiping Linux Systems in New Supply Chain Attack
Cybersecurity firm Socket has recently uncovered a set of malicious Go modules capable of delivering a destructive disk-wiping payload. The campaign specifically targets Linux systems by exploiting Go’s decentralized module system, putting countless development environments at risk. How Does the… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/malicious-go-modules-linux-supply-chain-attack/
-
Malicious Go Modules designed to wipe Linux systems
Researchers found 3 malicious Go modules with hidden code that can download payloads to wipe a Linux system’s main disk, making it unbootable. The malicious modules contain obfuscated code to fetch next-stage payloads that can wipe a Linux system’s primary disk and make it unbootable. >>Socket’s Threat Research Team uncovered a stealthy and highly destructive…
-
MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques
MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in the arsenal of multiple threat actors, including the notorious TAG-124 (LandUpdate808) and SocGholish groups. This malware, identified in phishing and drive-by download campaigns, employs advanced evasion techniques to bypass traditional security measures, making it a persistent challenge for defenders. MintsLoader’s…
-
Hackers Weaponize Go Modules to Deliver Disk”‘Wiping Malware, Causing Massive Data Loss
Tags: attack, cyber, cybersecurity, data, exploit, github, hacker, malicious, malware, programming, sans, supply-chainCybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules-github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy-to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where developers directly import dependencies from public repositories like GitHub sans centralized gatekeeping, attackers exploit namespace…
-
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render it unbootable.The names of the packages are listed below -github[.]com/truthfulpharm/prototransformgithub[.]com/blankloggia/go-mcpgithub[.]com/steelpoor/tlsproxy”Despite appearing legitimate, First seen on thehackernews.com Jump to article: thehackernews.com/2025/05/malicious-go-modules-deliver-disk.html