A financially motivated threat actor automated the package publishing process in a coordinated tea.xyz token farming campaign.
The post Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Imunify360 Vulnerability Could Expose Millions of Sites to Hacking
A vulnerability in ImunifyAV can be exploited for arbitrary code execution by uploading a malicious file to shared servers.
The post Imunify360 Vulnerability Could Expose Millions of Sites to Hacking appeared first on SecurityWeek.
Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign
A state-sponsored threat actor manipulated Claude Code to execute cyberattacks on roughly 30 organizations worldwide.
The post Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign appeared first on SecurityWeek.
Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit
The cybercriminals informed customers that their cloud server was shut down due to complaints.
The post Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit appeared first on SecurityWeek.
ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure
A researcher found a way to exploit an SSRF vulnerability related to custom GPTs to obtain an Azure access token.
The post ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure appeared first on SecurityWeek.
1,000+ Servers Hit in Law Enforcement Takedown of Rhadamanthys, VenomRAT, Elysium
An individual believed to have been involved in the operation of VenomRAT was arrested recently in Greece.
The post 1,000+ Servers Hit in Law Enforcement Takedown of Rhadamanthys, VenomRAT, Elysium appeared first on SecurityWeek.
CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks
Federal agencies have reported as ‘patched’ ASA or FTD devices running software versions vulnerable to attacks.
The post CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks appeared first on SecurityWeek.
Webinar Today: The Future of Industrial Network Security
Join us as speakers from Cisco outline important steps industrial organizations can take to safeguard operations, achieve compliance, and enable sustainable growth.
The post Webinar Today: The Future of Industrial Network Security appeared first on SecurityWeek.
Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm
The spam campaign is likely orchestrated by an Indonesian threat actor, based on code comments and the packages’ random names.
The post Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm appeared first on SecurityWeek.
NHS Investigating Oracle EBS Hack Claims as Hackers Name Over 40 Alleged Victims
The UK’s national healthcare system is working with the country’s National Cyber Security Centre to investigate the incident.
The post NHS Investigating Oracle EBS Hack Claims as Hackers Name Over 40 Alleged Victims appeared first on SecurityWeek.