Attackers Are Already Exploiting ChatGPT to Write Malicious Code
Since OpenAI released ChatGPT in late November, many security experts have predicted it would only be a matter of time before cybercriminals began using the AI chatbot for writing...
JsonWebToken Security Bug Opens Servers to RCE
A high-severity vulnerability (CVE-2022-23529) has been discovered in the popular JsonWebToken (JWT) open source encryption project, which could be used by attackers to achieve remote code execution (RCE) on...
‘Copyright Infringement’ Lure Used for Facebook Credential Harvesting
An extensive credential-harvesting campaign has hackers leveraging Facebook copyright infringement notices to steal enterprise credentials.Malicious actors continue to use tried and true phishing techniques and social engineering tactics to...
Vice Society Releases Info Stolen From 14 UK Schools, Including Passport Scans
Another month, another release of personal information stolen from a school system. This time, it's a group of 14 schools in the United Kingdom.Once again, the perpetrator appears to...
Russia-Linked Turla APT Sneakily Co-Opts Ancient Andromeda USB Infections
A hacking group — suspected to be the Russia-linked Turla Team — reregistered at least three old domains associated with the decade-old Andromeda malware, allowing the group to distribute...
PurpleUrchin Gang Embraces DevOps In Massive Cloud Malware Campaign
More information has become available on "PurpleUrchin," a malicious campaign in which a threat group called Automated Libra is using DevOps and continuous integration/continuous deployment (CI/CD) practices to mine...
Space Race: Defenses Emerge as Satellite-Focused Cyberattacks Ramp Up
With cyberattacks becoming a reality against the space sector's infrastructure in 2022, two groups are aiming to get ahead of future attacks by creating framework initiatives.The goal of the frameworks...
Cyberattackers Torch Python Machine Learning Project
An unknown attacker slipped a malicious binary into the PyTorch machine learning project by registering a malicious project with the Python Package Index (PyPI), infecting users' machines if they...
Chinese ‘RedZei’ Group Batters Victims With Incessant Vishing Effort
Chinese threat actors have been targeting Chinese-speaking students in the United Kingdom with a unique phone scam that aims to steal their personal information with repeated phone calls and...
Raspberry Robin Worm Hatches a Highly Complex Upgrade
Hacking groups are using a new version of the Raspberry Robin framework to attack Spanish and Portuguese-language based financial institutions — and it's complexity quotient has been significantly upgraded,...