Backdoor into FortiOS: Chinese Threat Actors Utilize 0-Day
Chinese hackers are exploiting a previously patched vulnerability found in Fortinet FortiOS SSL-VPN by using new malware called BOLDMOVE.
Database Malware Strikes Hundreds of Vulnerable WordPress Sites
The database injection against WordPress websites features two different malware embedded together to achieve two entirely different goals.
T-Mobile Hacked Again: 37 Million Accounts Compromised
According to T-Mobile, the data breach occurred in November of 2022, but the company only discovered the incident in January of 2023.
Malicious PyPI Packages Drop Malware in New Supply Chain Attack
These packages were uploaded between the 7th and 12th of January 2023 with the names “colorslib,” “httpslib,” and “libhttps.”
GitHub Disables Pages of Pro-Russia DDoS Group NoName057(16)
NoName057(16) is a group that has been targeting NATO and Czech presidential election candidates’ websites recently.
Android TV Box Sold on Amazon Contain Malware
The affected device was a T95 Android TV box that came with sophisticated, persistent, and pre-installed malware embedded in its firmware.
Credential Stealing Flaw in Google Chrome Impacted 2.5 Billion Users
The vulnerability affected all Chromium-based browsers, including Opera and Edge.
Google Home Vulnerability: Eavesdropping on Conversations
The issue was caused by the software architecture used in Google Home devices.
3Commas API Database Leaked by Anonymous Hacker
3Commas’ CEO, Yuriy Sorokin, has acknowledged the breach.
EarSpy Attack Can Use Motion Sensors Data to Pry on Android Devices
An EarSpy attack is a proof of concept of a new type of attack on Android devices that exposes users to eavesdropping.