In 2023, ReversingLabs identified a significant increase in malicious packages across open-source software platforms like npm, PyPI, and RubyGems. The number of malicious packages detected increased by 1,300% from 2020 and 28% from 2022.
The vulnerability, CVE-2024-23897, allows attackers to read arbitrary files on the Jenkins controller file system. This could potentially lead to various attacks, including remote code execution and decryption of stored secrets.
Apple’s lawsuit alleges that NSO Group facilitated hacking into Apple’s servers, leading to significant time and expense for Apple in detecting and eradicating Pegasus from users’ devices.
A new China-aligned threat actor named Blackwood has been identified, deploying a sophisticated implant named NSPX30 via the update mechanisms of legitimate software to target Chinese and Japanese companies and individuals.
An external threat actor in possession of a Google account could misuse this misconfiguration by using their own Google OAuth 2.0 bearer token to seize control of the cluster for follow-on exploitation.
The company has discovered a limited number of individuals whose personal information may have been impacted during the breach and is working with a third-party forensics firm to assess the extent of the attack’s impact on its operations and systems.
KB5034204 also fixes an issue caused by a deadlock that prevents search from working on the Start menu for some users, and addresses a bug affecting the OpenType font driver that impacts how text renders for third-party applications.
It appears that the package author was in the process of building out the malware and adding layers of deception. Fortunately, the package was detected and removed from npm before that could happen.
VexTrio has been attributed to malicious campaigns that use domains generated by a dictionary domain generation algorithm (DDGA) to propagate scams, riskware, spyware, adware, potentially unwanted programs (PUPs), and pornographic content.
While most organizations consider cyber resiliency a foundational aspect of their broader business continuity or disaster recovery (BC/DR) strategy, BC/DR preparedness is not yet “passing” most service-level agreement (SLA) expectations.