The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. […]
SmartTube YouTube app for Android TV breached to push malicious update
The popular open-source SmartTube YouTube client for Android TV was compromised after an attacker gained access to the developer’s signing keys, leading to a malicious update being pushed to users. […]
India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud
India’s telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days.
According to a report from Reuters, the app cannot be deleted or disabled from users’ devices.
Sanchar Saathi, available on the web and via mobile apps for Android and iOS, allows users to report
According to a report from Reuters, the app cannot be deleted or disabled from users’ devices.
Sanchar Saathi, available on the web and via mobile apps for Android and iOS, allows users to report
Microsoft says new Outlook can’t open some Excel attachments
Microsoft is working to resolve a known issue that prevents some users from opening Excel email attachments in the new Outlook client. […]
ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time.
Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024, according to a report from Koi Security, attracting 300,000 installs. These extensions have since been taken down.
“These
Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024, according to a report from Koi Security, attracting 300,000 installs. These extensions have since been taken down.
“These
Retail giant Coupang data breach impacts 33.7 million customers
South Korea’s largest retailer, Coupang, has suffered a data breach that exposed the personal information of 33.7 million customers. […]
Facial Recognition’s Trust Problem
Two technologies — one for public safety, one for controlled entry — show why trust in facial recognition must be earned, not assumed.
The post Facial Recognition’s Trust Problem appeared first on SecurityWeek.
$29 Million Worth of Bitcoin Seized in Cryptomixer Takedown
Cryptomixer was targeted by law enforcement in Operation Olympia for facilitating cybercrime and money laundering.
The post $29 Million Worth of Bitcoin Seized in Cryptomixer Takedown appeared first on SecurityWeek.
When Hackers Wear Suits: Protecting Your Team from Insider Cyber Threats
Hackers impersonate IT pros with deepfakes, fake resumes, and stolen identities, turning hiring pipelines into insider threats. Huntres sLabs explains how stronger vetting and access controls help stop these threats. […]
ShadyPanda browser extensions amass 4.3M installs in malicious campaign
A long-running malware operation known as “ShadyPanda” has amassed over 4.3 million installations of seemingly legitimate Chrome and Edge browser extensions that evolved into malware. […]