Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
Mar 24, 2023Ravie LakshmananDevSecOps / Software Security A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as…
Category: TheHackerNews
GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
Mar 24, 2023Ravie LakshmananCloud Security / Programming Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used…
Inside the High Risk of 3rd-Party SaaS Apps
Mar 24, 2023The Hacker NewsSaaS Security / Webinar Any app that can improve business operations is quickly added to the SaaS stack. However, employees don’t…
Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies
Mar 24, 2023Ravie LakshmananCyber Attack / Hacking A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient…
Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites
Mar 24, 2023Ravie LakshmananWeb Security / WordPress Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is…
Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
Mar 23, 2023Ravie LakshmananBrowser Security / Artificial Intelligence Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that…
2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks
Mar 23, 2023The Hacker News In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate…
A New Rising Android Banking Trojan Targeting 450 Financial Apps
Mar 23, 2023Ravie LakshmananMobile Security / Banking An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450…
Chinese Hackers Breach Middle East Telecom Providers
Mar 23, 2023Ravie LakshmananCritical Infrastructure Security Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter…
German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
Mar 23, 2023Ravie LakshmananCyber Attack / Browser Security German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked…
Researchers Reveal New Malware Distribution Techniques
Mar 22, 2023Ravie LakshmananCyber Threat Intelligence The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files…
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
Mar 22, 2023Ravie LakshmananICS/SCADA Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released eight Industrial Control Systems (ICS) advisories on Tuesday, warning of…