Solana Web3.js library backdoored to steal secret, private keys
The legitimate Solana JavaScript SDK was temporarily compromised yesterday in a supply chain attack, with the library backdoored with malicious...
Read more →Category: Bleeping Computer
Russian hackers hijack Pakistani hackers’ servers for their own attacks
The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156’s infrastructure to launch their...
Read more →
Six password takeaways from the updated NIST cybersecurity framework
Password security is changing — and updated guidelines from the National Institute of Standards and Technology (NIST) reject outdated practices in favor of...
Read more →
Japan warns of IO-Data zero-day router flaws exploited in attacks
Japan’s CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute...
Read more →
US shares tips to block hackers behind recent telecom breaches
CISA released guidance today to help network defenders harden their systems against attacks coordinated by the Salt Typhoon Chinese threat...
Read more →
Cloudflare’s developer domains increasingly abused by threat actors
Cloudflare’s ‘pages.dev’ and ‘workers.dev’ domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for...
Read more →
Vodka maker Stoli files for bankruptcy in US after ransomware attack
Stoli Group’s U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company’s remaining...
Read more →
Exploit released for critical WhatsUp Gold RCE flaw, patch now
A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it...
Read more →
Veeam warns of critical RCE bug in Service Provider Console
Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE)...
Read more →
Police seizes largest German online crime marketplace, arrests admin
Germany has taken down the largest online cybercrime marketplace in the country, named “Crimenetwork,” and arrested its administrator for facilitating the...
Read more →
FTC bans data brokers from selling Americans’ sensitive location data
Today, the FTC banned data brokers Mobilewalla and Gravy Analytics from harvesting and selling Americans’ location tracking data linked to...
Read more →
Police seize Matrix encrypted chat service after spying on criminals
An international law enforcement operation codenamed ‘Operation Passionflower’ has shut down MATRIX, an encrypted messaging platform used by cybercriminals to...
Read more →