A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious “GrassCall” meeting app that installs information-stealing malware to steal cryptocurrency wallets. […]
Category Added in a WPeMatico Campaign
GrassCall malware campaign drains crypto wallets via fake job interviews
A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious “GrassCall” meeting app that installs information-stealing malware to steal cryptocurrency wallets. […]
VSCode extensions with 9 million installs pulled over security risks
Microsoft has removed two popular VSCode extensions, ‘Material Theme – Free’ and ‘Material Theme Icons – Free,’ from the Visual Studio Marketplace for allegedly containing malicious code. […]
PyPi package with 100K installs pirated music from Deezer for years
A malicious PyPi package named ‘automslc’ has been downloaded over 100,000 times from the Python Package Index since 2019, abusing hard-coded credentials to pirate music from the Deezer streaming service. […]
Lazarus hacked Bybit via breached Safe{Wallet} developer machine
Forensic investigators have found that North Korean Lazarus hackers stole $1.5 billion from Bybit after hacking a developer’s device at the multisig wallet platform Safe{Wallet}. […]
Pump.fun X account hacked to promote scam governance token
The immensely popular memecoin generator Pump.fun had its X account hacked to promote a fake “PUMP” token cryptocurrency scam. […]
EncryptHub breaches 618 orgs to deploy infostealers, ransomware
A threat actor tracked as ‘EncryptHub,’ aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access to corporate networks. […]
Five best practices for securing Active Directory service accounts
Windows Active Directory (AD) service accounts are prime cyber-attack targets due to their elevated privileges and automated/continuous access to important systems. Learn from Specops Software about five best practices to help secure your Active Directory service accounts. […]
Australian IVF giant Genea breached by Termite ransomware gang
The Termite ransomware gang has claimed responsibility for breaching and stealing sensitive healthcare data belonging to Genea patients, one of Australia’s largest fertility services providers. […]
OpenAI’s GPT 4.5 spotted in Android beta, launch imminent
OpenAI’s newest model, GPT-4.5, is coming sooner than we expected. A new reference has been spotted on ChatGPT’s Android app that points to a model called “GPT-4.5 research preview,” but it looks like it will initially be limited to those with a Pro subscription. […]