Tag: malicious
-
Unmasking the silent saboteur you didn’t know was running the show
Tags: 5G, access, ai, api, attack, authentication, backup, blockchain, breach, ciso, cloud, compliance, control, cybersecurity, data, defense, endpoint, firewall, firmware, GDPR, governance, Hardware, incident response, iot, ISO-27001, login, malicious, network, nis-2, PCI, service, siem, supply-chain, threat, zero-trust
Cybersecurity depends on accurate clocks: Your logs are only as valuable as your clocks are accurate. If your servers are out of sync, forget about reconstructing timelines. You’ll spend hours chasing phantom alerts. Event correlation and forensics: Your SIEM is only as good as the timestamps it gets. Correlating events across endpoints, firewalls and cloud…
-
Multiple QNAP Flaws Allow Remote Attackers to Hijack User Accounts
QNAP has issued a security advisory warning users of Qsync Central about two critical vulnerabilities that could allow attackers to access sensitive data or execute malicious code. The affected software is widely used for synchronizing files across QNAP NAS devices and connected clients. Below is a comprehensive analysis of the vulnerabilities, their technical details, and…
-
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alias “botsailer
-
Over 20 Malicious Crypto Wallet Apps Found on Google Play, CRIL Warns
Cyble Research and Intelligence Labs (CRIL) has recently uncovered a malicious crypto phishing campaign where more than 20 malicious applications on the Google Play Store were designed to target crypto wallet users with phishing schemes. These deceptive apps impersonate well-known wallet platforms and lure users into revealing their sensitive mnemonic phrases, effectively handing over control…
-
fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic
fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for known patterns that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/09/fiddleitm-open-source-mitmproxy-add-on-identify-malicious-web-traffic/
-
Malware found in NPM packages with 1 million weekly downloads
A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were compromised to include malicious code that acts as a remote access trojan (RAT). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/supply-chain-attack-hits-gluestack-npm-packages-with-960k-weekly-downloads/
-
Over 950K weekly downloads at risk in ongoing supply chain attack on Gluestack packages
A supply chain attack hit NPM: threat actors compromised 16 popular Gluestack packages, affecting 950K+ weekly downloads. Researchers from Aikido Security discovered a new supply chain attack targeting NPM, compromising 16 popular Gluestack ‘react-native-aria’ packages with over 950K weekly downloads. The attack began on June 6 at 4:33 PM EST with a malicious update to…
-
Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. “Some of the phishing emails were sent from the servers of compromised companies, increasing the chances of a successful attack,” Positive Technologies security…
-
Cybercriminals turn to “residential proxy” services to hide malicious traffic
“You cannot technically distinguish which traffic in a node is bad and which traffic is good.” First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/06/cybercriminals-turn-to-residential-proxy-services-to-hide-malicious-traffic/
-
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. “Some of the phishing emails were sent from the servers of compromised companies, increasing the chances of a successful attack,” Positive Technologies security…
-
Supply chain attack hits Gluestack NPM packages with 960K weekly downloads
A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were compromised to include malicious code that acts as a remote access trojan (RAT). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/supply-chain-attack-hits-gluestack-npm-packages-with-960k-weekly-downloads/
-
Malicious npm packages posing as utilities delete project directories
Two malicious packages have been discovered in the npm JavaScript package index that masquerade as useful utilities but, in reality, are destructive data wipers that delete entire application directories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-npm-packages-posing-as-utilities-delete-project-directories/
-
Over 20 Malicious Apps on Google Play Target Users for Seed Phrases
Over 20 malicious apps on Google Play are stealing crypto seed phrases by posing as trusted wallets and exchanges, putting users’ funds at risk. First seen on hackread.com Jump to article: hackread.com/malicious-apps-google-play-users-for-seed-phrases/
-
LLM04: Data & Model Poisoning – FireTail Blog
Jun 06, 2025 – Lina Romero – LLM04: Data & Model Poisoning Excerpt: In this blog series, we’re breaking down the OWASP Top 10 risks for LLMs and explaining how each one manifests and can be mitigated. Today’s risk is #4 on the list: Data and Model Poisoning. Read on to learn more… Summary: Data…
-
ChatGPT used for evil: Fake IT worker resumes, misinfo, and cyber-op assist
OpenAI boots accounts linked to 10 malicious campaigns First seen on theregister.com Jump to article: www.theregister.com/2025/06/06/chatgpt_for_evil/
-
Cybercriminals Are Hiding Malicious Web Traffic in Plain Sight
In an effort to evade detection, cybercriminals are increasingly turning to “residential proxy” services that cover their tracks by making it look like everyday online activity. First seen on wired.com Jump to article: www.wired.com/story/cybercriminals-are-hiding-malicious-web-traffic-in-plain-sight/
-
Hundreds of Malicious GitHub Repos Targeting Novice Cybercriminals Traced to Single User
Sophos X-Ops researchers have identified over 140 GitHub repositories laced with malicious backdoors, orchestrated by a single threat actor associated with the email address ischhfd83[at]rambler[.]ru. Initially sparked by a customer inquiry into the Sakura RAT, a supposed open-source malware touted for its “sophisticated anti-detection capabilities,
-
Corporate executives face mounting digital threats as AI drives impersonation
Malicious actors are using deepfakes and voice-cloning technology to target senior executives in both the workplace and personal spaces. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/corporate-executives-threats-ai-impersonation/750064/
-
OpenAI takes down ChatGPT accounts linked to state-backed hacking, disinformation
State-backed threat actors from a handful of countries are using ChatGPT for a range of malicious purposes ranging from malware refinement to employment scams and social media disinformation campaigns. First seen on therecord.media Jump to article: therecord.media/openai-takes-down-chatgpt-accounts-hacking
-
Critical Fortinet flaws now exploited in Qilin ransomware attacks
The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-fortinet-flaws-now-exploited-in-qilin-ransomware-attacks/
-
ANY.RUN Empowers Government Agencies with Real-Time Threat Detection
Tags: breach, cyber, cyberattack, detection, government, infrastructure, malicious, malware, phishing, tactics, threat
Government agencies worldwide are facing an unprecedented wave of cyberattacks, with adversaries employing advanced tactics to breach critical infrastructure and steal sensitive data. Recent case studies analyzed using the ANY.RUN malware analysis platform reveal how attackers are leveraging phishing, domain spoofing, and malicious document delivery to target public sector organizations. These incidents highlight the urgent…
-
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos. “The attack was instrumented via a legitimate endpoint administration framework, indicating that the attackers likely had access to the administrative console, that was then used to issue malicious commands and deploy PathWiper…
-
Paste.ee Turned Cyber Weapon: XWorm and AsyncRAT Delivered by Malicious Actors
The widespread text-sharing website Paste.ee has been used as a weapon by bad actors to spread powerful malware strains like XWorm and AsyncRAT, which is a worrying trend for cybersecurity professionals. This tactic represents a significant shift in phishing and malware delivery strategies, exploiting a trusted service to bypass traditional security defenses. Unveiling a New…
-
FBI: BADBOX 2.0 Android malware infects millions of consumer devices
The FBI is warning that the BADBOX 2.0 malware campaign has infected over 1 million home Internet-connected devices, converting consumer electronics into residential proxies that are used for malicious activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-badbox-20-android-malware-infects-millions-of-consumer-devices/
-
Water utilities mitigate equipment flaws after researchers find widespread exposures
Censys researchers said hundreds of water treatment facilities have taken steps to protect against malicious cyber intrusions. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/water-utilities-mitigate-flaws-find-exposures/749980/

