Malicious PyPI Packages Drop Malware in New Supply Chain Attack
These packages were uploaded between the 7th and 12th of January 2023 with the names “colorslib,” “httpslib,” and “libhttps.”
GitHub Disables Pages of Pro-Russia DDoS Group NoName057(16)
NoName057(16) is a group that has been targeting NATO and Czech presidential election candidates’ websites recently.
Android TV Box Sold on Amazon Contain Malware
The affected device was a T95 Android TV box that came with sophisticated, persistent, and pre-installed malware embedded in its firmware.
Credential Stealing Flaw in Google Chrome Impacted 2.5 Billion Users
The vulnerability affected all Chromium-based browsers, including Opera and Edge.
Google Home Vulnerability: Eavesdropping on Conversations
The issue was caused by the software architecture used in Google Home devices.
3Commas API Database Leaked by Anonymous Hacker
3Commas’ CEO, Yuriy Sorokin, has acknowledged the breach.
EarSpy Attack Can Use Motion Sensors Data to Pry on Android Devices
An EarSpy attack is a proof of concept of a new type of attack on Android devices that exposes users to eavesdropping.
LastPass: Hackers Stole User Data and Encrypted Password Vaults
It turns out that hackers stole much more than just the source code from LastPass.
“GodFather” Hits Banks, Crypto Wallets Apps as Android Trojan Emerges
Researchers believe that GodFather could be a successor of another banking trojan called Anubis, which had its source code leaked in January 2019 on an underground hacking forum.
Google Disruption Fails to Stop Glupteba Botnet
In December 2021, Google announced it had disrupted the Glupteba botnet and filed a lawsuit against two of its Russian operators, but it turns out the botnet is back and kicking.