A DDoS mitigation service provider in Europe was targeted in a massive distributed denial-of-service attack that reached 1.5 billion packets per second. […]
Microsoft waives fees for Windows devs publishing to Microsoft Store
Microsoft announced that, starting today, individual Windows developers will no longer have to pay for publishing their applications on the Microsoft Store. […]
Hackers left empty-handed after massive NPM supply-chain attack
The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but attackers made little profit off it. […]
Pixel 10 fights AI fakes with new Android photo verification tech
Google is integrating C2PA Content Credentials into the Pixel 10 camera and Google Photos, to help users distinguish between authentic, unaltered images and those generated or edited with artificial intelligence technology. […]
Cursor AI editor lets repos “autorun” malicious code on devices
A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious repository as soon as it’s opened. […]
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems
An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme.
“This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads,” Bitdefender
“This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads,” Bitdefender
Jaguar Land Rover confirms data theft after recent cyberattack
Jaguar Land Rover (JLR) confirmed today that attackers also stole “some data” during a recent cyberattack that forced it to shut down systems and instruct staff not to report to work. […]
Jaguar Land Rover Admits Data Breach Caused by Recent Cyberattack
After announcing that the cyberattack-caused disruption to factories would continue, Jaguar Land Rover is now confirming a data breach.
The post Jaguar Land Rover Admits Data Breach Caused by Recent Cyberattack appeared first on SecurityWeek.
Can I have a new password, please? The $400M question.
Scattered Spider didn’t need a zero-day to breach Clorox. They just phoned the help desk—convincing agents to reset passwords & MFA without proper checks. The result: $380M in damages. Learn from Specops Software why caller verification and audit trails are critical. […]
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.
According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.
CHILLYHELL is the name assigned to a malware
According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.
CHILLYHELL is the name assigned to a malware