Banshee Stealer Hits macOS Users via Fake GitHub Repositories
SUMMARY Cybersecurity researchers at Check Point detected a new version of Banshee Stealer in late September 2024, distributed…
New PayPal Phishing Scam Exploits MS365 Tools and Genuine-Looking Emails
Fortinet uncovers a new PayPal phishing scam exploiting legitimate platform features. Learn how this sophisticated attack works and how to protect yourself from falling victim.
Millions of Email Servers Exposed Due to Missing TLS Encryption
Millions of email servers worldwide remain alarmingly vulnerable to cyberattacks due to a critical security oversight: the absence of Transport Layer Security (TLS) encryption.
Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation
Critical security vulnerabilities have been found in Moxa cellular routers and network security appliances. Learn about CVE-2024-9138 &…
US Telecom Breaches Widen as 9 Firms Hit by Chinese Salt Typhoon Hackers
The Wall Street Journal reports that Charter, Consolidated, and Windstream have been added to the growing list of…
New FireScam Infostealer Spyware Hits Android via Fake Telegram Premium
Researchers at Cyfirma have discovered FireScam, an Android malware disguised as 'Telegram Premium' that steals data, monitors activity, and infiltrates devices. Learn about its distribution, functionality, and the impact on user privacy.
NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
Researchers discovered a malicious package on the npm package registry that resembles a library for Ethereum smart contract vulnerabilities but actually drops an open-source remote access trojan called Quasar RAT onto developer systems.
Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation
A recent claim that a critical zero-day vulnerability existed in the popular open-source file archiver 7-Zip has been met with skepticism from the software's creator and other security researchers.
FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits
Researchers at FortiGuard Labs have identified a prolific attacker group known as "EC2 Grouper" who frequently exploits compromised credentials using AWS tools.
16 Chrome Extensions Hacked in Large-Scale Credential Theft Scheme
SUMMARY A sophisticated attack campaign has compromised at least 16 Chrome browser extensions, exposing over 600,000 users to…