Stargazer Goblin has been distributing various malware families like Atlantida Stealer, Lumma, and Rhadamanthys, since at least August 2022. The threat actor charges users to “star” repositories with fake accounts, increasing their credibility.
Okta Browser Plugin versions 6.5.0 through 6.31.0 are vulnerable to cross-site scripting, prompting users to save credentials in Okta Personal. The issue was fixed in version 6.32.0 for Chrome, Edge, Firefox, and Safari.
The attackers are primarily targeting High-Value Targets (HVTs) in key infrastructure cities like Edinburgh and Dublin. Over half of the attack IPs are from Moscow, with the rest traced back to Amsterdam and Brussels.
The vulnerabilities are as follows: CVE-2012-4792, a decade-old vulnerability in Internet Explorer allowing remote code execution, and CVE-2024-39891, an information disclosure flaw in Twilio Authy.
Researchers identified two vulnerabilities in LangChain, an open-source generative AI framework with over 81,000 stars on GitHub: CVE-2023-46229 and CVE-2023-44467 (LangChain Experimental).
Protexxa, a Toronto-based B2B SaaS cybersecurity company founded by Claudette McGowan, has secured $10 million in Series A funding from various investors including Bell Ventures and private investors like Sonia Baxendale and Annette Verschuren.
Threat actors are targeting Hamster Kombat’s 250 million players with fake Android and Windows software that install spyware and malware. The clicker mobile game allows players to earn fictional currency by completing simple tasks.
The Philippines has decided to shut down its online gambling industry to tackle illegal activities such as financial scams and human trafficking. President Ferdinand Marcos Jr instructed PAGCOR to cease operations of POGOs by the end of the year.
dYdX’s decentralized finance (DeFi) exchange v3 website was hacked in a DNS hijack attack, compromising the platform. Users were warned not to visit or interact with the hacked website and to avoid withdrawing assets until the platform was safe.
Multiple Russian cyber units are targeting frontline Ukrainian military computers and mobile devices in preparation for a summer offensive. This change reflects Russia’s adaptation to the demands of a prolonged war in Ukraine.