Threats

Vulnerable API Exposes Private npm Packages

Aqua Nautilus security researchers have revealed that threat actors could perform a timing attack on npm's API to uncover private packages. The timing attack on the JavaScript package manager can ...

Ransomware Group Uses Vulnerability to Bypass EDR Products

The BlackByte ransomware group is actively exploiting a vulnerability in RTCore32.sys and RTCore64.sys, the drivers of a widely used graphic card utility called Micro-Star MSI AfterBurner (version 4....

Russia-linked Hackers Launch DDoS Attacks on U.S. Airport Websites

A series of distributed denial of service (DDoS) attacks today briefly took down the websites of over a dozen U.S. airports, including those for Atlanta and Los Angeles International Airports. The at...

New MSSQL Backdoor ‘Maggie’ Infects Hundreds of Servers Worldwide

DCSO CyTec researchers Johann Aydinbas and Axel Wauer are warning of new backdoor malware they’re calling "Maggie," which targets Microsoft SQL servers. Maggie, the researchers say, has already affec...

Microsoft’s Fix Fails to Patch ProxyNotShell RCE Flaws

After Microsoft published guidance on mitigating the two remote code execution flaws uncovered last week by Vietnamese security firm GTSC, it seems the mitigations Microsoft suggested weren’t as effe...

ZINC Hackers Leverage Open-source Software to Lure IT Pros

ZINC, a sub-group of the notorious North Korean Lazarus hacking group, has implanted malicious payloads in open-source software to infiltrate corporate networks, Microsoft's threat hunting team has r...

Symantec, GTSC Warn of Active Microsoft Exploits

Vietnamese security firm GTSC published a blog post this week warning of a new zero-day remote code execution (RCE) flaw in Microsoft Exchange Server, which it said has been actively exploited at lea...

Unpatched Python Library Affects More Than 300,000 Open Source Projects

Trellix security researchers have revealed a major vulnerability in the Python tarfile library that could be exploited in software supply chain attacks. The researchers believe it could be used again...

Ransomware Groups Turn to Intermittent Encryption to Speed Attack Times

During a cyberattack, time is of the essence for both attackers and defenders. To accelerate the ransomware encryption process and make it harder to detect, cybercriminal groups have begun using a ne...

Threat Group TeamTNT Returns with New Cloud Attacks

A retired threat actor has returned with new attacks aimed at the cloud, containers - and encryption keys. The Aqua Nautilus research team observed three attacks that appeared very similar to thos...

Latest articles