Over 170K users hit by poisoned Python package ruse

March 25, 2024 at 02:06PM Over 170,000 users were impacted by a complex attack employing fake Python infrastructure. The attack targeted the Top.gg GitHub organization and other developers, distributing malware-infected Python PyPI packages. This led to data theft from browsers, Discord, and crypto wallets. The attack involved various tactics, including creating clones of popular Python …

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

March 25, 2024 at 08:51AM Unidentified adversaries executed a sophisticated supply chain attack targeting individual developers and Top.gg’s GitHub organization account. The attack involved multiple tactics, including account takeover and malicious code insertion. It led to theft of sensitive data and distribution of trojanized software packages. The incident underscores the need for vigilance and thorough …

Aiohttp Vulnerability in Attacker Crosshairs

March 19, 2024 at 06:18AM Hackers are targeting a recently patched Aiohttp vulnerability, potentially affecting thousands of servers globally. A Shodan search reveals over 70,000 instances, with notable exposure in the US, China, and Germany. Cyble’s scanner identified 43,000 exposed instances, with high percentages in the US and Europe. Exploitation attempts have been observed, including …

Government Launches Probe Into Change Healthcare Data Breach

March 14, 2024 at 06:09AM The US Department of Health and Human Services’ Office for Civil Rights (OCR) is investigating the recent Change Healthcare data breach, aiming to determine if protected health information was compromised. The ransomware attack disrupted healthcare operations, impacting 7,000 pharmacies and hospitals. OCR will focus on Change Healthcare and UnitedHealth Group’s …

Linux Variants of Bifrost Trojan Evade Detection via Typosquatting

March 7, 2024 at 10:55AM Researchers from Palo Alto Networks have discovered new variants of the Bifrost malware targeting Linux. These variants use typosquatting to mimic a legitimate VMware domain, making detection difficult. The malware collects sensitive information and attempts to expand its reach to ARM-based devices. Palo Alto Networks has detected over 100 instances, …

Sandvine put on America’s export no-fly list for flogging snoop-ware to Egypt

February 27, 2024 at 03:31PM The US Commerce Department added Sandvine and Chengdu Beizhan Electronics to the Entity List for export restrictions due to alleged misuse of technology. Sandvine is accused of supplying spying technology to Egypt, while Chengdu is accused of procuring US goods for China. Both companies deny allegations and are working with …

ALPHV/BlackCat responsible for Change Healthcare cyberattack

February 26, 2024 at 03:45PM The ALPHV/BlackCat ransomware gang is reportedly behind the severe cyberattack on Change Healthcare, affecting US pharmacies. The attack disrupted services, causing delays in prescription filling and insurance claim transmissions. The group has also been linked to other high-profile attacks and is being sought by the US government with bounties of …

Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool

February 22, 2024 at 10:51AM The open-source pentesting tool SSH-Snake has been used to steal SSH credentials from approximately 100 organizations, leading to worm-like attacks on networks. Developed by Joshua Rogers, the tool maps network dependencies and enables hackers to compromise systems. Despite being used for malicious purposes, its fileless and self-replicating nature makes it …

Change Healthcare Cyberattack Causes Significant Disruption

February 22, 2024 at 07:51AM Change Healthcare, a US healthcare technology giant, suffered a cyberattack causing widespread network disruptions. The company announced the incident, reporting connectivity issues and indicating over 100 applications across various healthcare sectors as affected. It was later disclosed that the disruption was due to an outside threat and that the company …

Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers

February 20, 2024 at 10:03AM Over 28,000 internet-accessible Microsoft Exchange servers are affected by a zero-day vulnerability, with an additional 68,000 instances considered possibly vulnerable. The flaw, tracked as CVE-2024-21410, allows for privilege escalation and pass-the-hash attacks. Organizations are urged to apply available mitigations and patches as the exploit is actively targeted. From the meeting …