Threat Actor Phishing PyPI Users Identified
Security researchers have identified a previously unknown group dubbed "JuiceLedger" as the threat actor behind a recent and first-known phishing campaign specifically targeting users of the Python Package Index...
Neopets Hackers Had Network Access for 18 Months
Neopets has released an "Important Announcement" urging its members to update their passwords and confirming that the company's IT systems were compromised.Neopets is a game that lets players create,...
Apple Quietly Releases Another Patch for Zero-Day RCE Bug
Apple has quietly rolled out more updates to iOS to fix an actively exploited zero-day security vulnerability that it patched earlier this month in newer devices. The vulnerability, found...
Crypto-Crooks Spread Trojanized Google Translate App in Watering-Hole Attack
A cryptomining campaign has potentially infected thousands of machines worldwide by hiding in a Google Translate download for desktops.
According to researchers at Check Point, the threat actor behind it...
OpenText Goes All-in on Cybersecurity Size and Scale With Micro Focus Purchase
Canadian software giant OpenText last week announced its intention to purchase Micro Focus in a deal valued at roughly $6 billion.To give an idea of the scale of the...
James Webb Telescope Images Loaded With Malware Are Evading EDR
Threat hunters are warning security teams to be on the lookout for new cyberattack that uses a chance to see historic James Webb space telescope deep field images as a lure. The campaign's victims...
Malicious Chrome Extensions Plague 1.4M Users
Researchers have flagged five separate malicious Chrome extensions masquerading as Netflix viewers and more. They track user activity and insert code into any e-commerce sites they visit, letting cyberattackers steal payments...
Phishing Campaign Targets PyPI Users to Distribute Malicious Code
A phishing campaign is targeting users of the Python Package Index (PyPI) by threatening to remove their code packages if they don't put it through a bogus validation process,...
Chinese Hackers Target Energy Sector in Australia, South China Sea
The Chinese state-aligned threat actor TA423 (aka Leviathan/APT40) is behind a sustained cyber-espionage campaign against countries and entities operating in the South China Sea, including organizations involved in an...
Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web
Last month, an unknown customer appears to have shelled out around €8 million for a full-service zero-day remote control execution (RCE) exploit. Screenshots shared of the zero-day exploit bill of sale...
