Hackers are targeting misconfigured Jupyter Notebooks using a repurposed Minecraft DDoS tool known as mineping. The attack, dubbed Panamorfi, involves utilizing a Java tool to launch a TCP flood DDoS attack against vulnerable Jupyter Notebooks.
This type of attack, known as Bytecode Jiu-Jitsu, takes advantage of the fact that interpreters do not require execution privilege for bytecode, making it difficult for security tools to detect.
Threat actors used StackExchange to promote malicious PyPi packages, including ‘spl-types,’ ‘raydium,’ ‘sol-structs,’ ‘sol-instruct,’ and ‘raydium-sdk,’ which steal data from browsers, messaging apps, and cryptocurrency wallets.
The Plymouth County Retirement Association claims the company misrepresented the effectiveness of its software platform and quality control procedures. The lawsuit alleges that CrowdStrike did not adequately test its software.
A recent malvertising campaign has been exposed, where threat actors take over social media pages, rebranding them as popular AI photo editors and posting malicious links to fake websites.
The caller ID spoofing service, which was established in 2021, is believed to have caused financial losses in the tens of millions and had around 170,000 victims in Britain.
A security audit sponsored by the Open Tech Fund in August 2023 revealed 25 vulnerabilities in Homebrew. The audit found issues that could have allowed attackers to execute code, modify builds, control CI/CD workflows, and access sensitive data.
Access to timely and accurate threat intelligence is essential for organizations, but it can be overwhelming to navigate the vast amount of available data and feeds. Balancing comprehensive information with relevance is crucial.
Google Chrome has implemented app-bound encryption to enhance cookie protection on Windows and defend against infostealer malware. This new feature encrypts data tied to app identity, similar to macOS’s Keychain, to prevent unauthorized access.
A government-affiliated research organization in Taiwan was attacked by APT41 hackers, a notorious Chinese hacking group known for targeting sensitive technologies. The breach, starting in July 2023, was identified by Cisco Talos researchers.