npm packages hide TurkoRAT malware in what looks like a NodeJS EXE
Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan. These…
Category: Bleeping Computer
The Week in Ransomware – May 19th 2023
In the ever-shifting ransomware landscape, we saw new ransomware gangs emerge, threat actors return from a long absence, operations shifting extortion tactics, and a flurry…
CISA warns of Samsung ASLR bypass flaw exploited in attacks
CISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection. ASLR is an…
Notorious FIN7 hackers return in Clop ransomware attacks
A financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the…
ASUS routers knocked offline worldwide by bad security update
ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network…
Dish Network likely paid ransom after recent ransomware attack
Dish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used…
Luxottica confirms 2021 data breach after info of 70M leaks online
Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database…
Cybercrime gang pre-infects millions of Android devices with malware
A large cybercrime enterprise tracked as the “Lemon Group” has reportedly pre-installed malware known as ‘Guerilla’ on almost 9 million Android-based smartphones, watches, TVs, and…
KeePass exploit helps retrieve cleartext master password, fix coming soon
The popular KeePass password manager is vulnerable to extracting the master password from the application’s memory, allowing attackers who compromise a device to retrieve the…
Apple fixes three new zero-days exploited to hack iPhones, Macs
Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads. “Apple is aware of a report that this…
Apple fixes three zero-days exploited to hack iPhones and Macs
Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads. “Apple is aware of a report that this…
Microsoft shares more info on the end of Internet Explorer
Microsoft has decided to allow customers to choose when the last bits of Internet Explorer 11 (IE11) will be removed from their devices. This comes…