James Webb Telescope Images Loaded With Malware Are Evading EDR
Threat hunters are warning security teams to be on the lookout for new cyberattack that uses a chance to see historic James Webb space telescope deep field images as a lure. The campaign's victims...
Traceable AI debuts API testing product for its security platform
Traceable AI today announced the general availability of xAST, an API security testing solution, as part of its API Security Platform. The new feature set, after extensive beta testing...
Malicious Chrome Extensions Plague 1.4M Users
Researchers have flagged five separate malicious Chrome extensions masquerading as Netflix viewers and more. They track user activity and insert code into any e-commerce sites they visit, letting cyberattackers steal payments...
Phishing Campaign Targets PyPI Users to Distribute Malicious Code
A phishing campaign is targeting users of the Python Package Index (PyPI) by threatening to remove their code packages if they don't put it through a bogus validation process,...
Chinese Hackers Target Energy Sector in Australia, South China Sea
The Chinese state-aligned threat actor TA423 (aka Leviathan/APT40) is behind a sustained cyber-espionage campaign against countries and entities operating in the South China Sea, including organizations involved in an...
FBI issues alert over cybercriminal exploits targeting DeFi
The United States Federal Bureau of Investigation (FBI) has issued a fresh warning for investors in decentralized finance (DeFi) platforms, which have been targeted with $1.6 billion in exploits...
Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web
Last month, an unknown customer appears to have shelled out around €8 million for a full-service zero-day remote control execution (RCE) exploit. Screenshots shared of the zero-day exploit bill of sale...
Blockchain audits: The steps to ensure a network is secure
The last few years have seen blockchain platforms becoming the centerpiece of many tech conversations across the globe. This is because the technology not only lies at the heart...
‘Sliver’ Emerges as Cobalt Strike Alternative for Malicious C2
Enterprise security teams, which over the years have honed their ability to detect the use of Cobalt Strike by adversaries, may also want to keep an eye out for "Sliver."...
An interview with initial access broker Wazawaka: ‘There is no such money anywhere as...
Editor’s Note: Last April, a ransomware group threatened to expose police informants and other sensitive information if the Washington, D.C. Metropolitan Police Department did not pay a demand.
The brazen attack...
