Solana Web3.js Library Backdoored in Supply Chain Attack

December 4, 2024 at 06:33AM This week, developers unknowingly downloaded compromised versions of the Solana Web3.js library, allowing attackers to steal private keys and drain funds. The malicious versions were available for five hours. Users are advised to update to the clean version and reset all credentials, as their systems may be compromised. ### Meeting … Read more

‘GoIssue’ Cybercrime Tool Targets GitHub Developers En Masse

November 12, 2024 at 12:52PM Researchers identified a tool named GoIssue on a cybercrime forum aimed at GitHub users for bulk credential theft and malicious activities. It automates email harvesting from GitHub profiles for phishing campaigns. Potentially linked to an earlier extortion campaign, it enhances risks for developers, urging vigilance against suspicious communications. ### Meeting … Read more

GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains

November 12, 2024 at 09:32AM GoIssue is a new tool enabling cybercriminals to extract email addresses from GitHub profiles for bulk email attacks on users, highlighting vulnerabilities in GitHub’s security for developers and corporate supply chains. The article discusses its implications for online security. **Meeting Takeaways:** 1. **Introduction of GoIssue Tool**: A new tool named … Read more

New Scoring System Helps Secure the Open Source AI Model Supply Chain

October 24, 2024 at 06:09AM AI models from Hugging Face may harbor hidden issues similar to open-source software from platforms like GitHub. A new scoring system has been introduced to enhance the security of the open-source AI model supply chain. This aims to address potential vulnerabilities in AI models. **Meeting Takeaways:** 1. **Similarity in Issues**: … Read more

GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks

October 11, 2024 at 02:00PM A new malware campaign targets the finance and insurance sectors using GitHub links in phishing emails to deliver Remcos RAT, exploiting trusted repositories. This technique, involving malware uploads to GitHub issues, allows attackers to bypass security. Recent research reveals expanded phishing tactics targeting accommodation platforms, improving scam effectiveness through automation. … Read more

Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines

October 8, 2024 at 01:15PM Users searching for game cheats are lured into downloading Lua-based malware, with a focus on gaming engine supplements. The malware establishes persistence on infected systems, delivering additional payloads. Techniques include GitHub exploitation, targeting gaming communities worldwide. Researchers emphasize a shift to obfuscated Lua scripts as a means of evading detection. … Read more

Reachability Analysis Pares Down Static Security-Testing Overload

September 30, 2024 at 08:00PM AI code-generation assistants have increased coding speed but also lead to more defects and vulnerabilities, resulting in a rise in false positives for application vulnerabilities. Reachability analysis is being used to prioritize remediation requests, reducing the number of vulnerabilities needing patching. Overall, reducing non-reachable code helps cut remediation work by … Read more

The “Llama” is freed: Winamp goes open source after 27 years

September 25, 2024 at 10:38AM The iconic Winamp media player, launched in 1997, has fulfilled its pledge to go open-source by publishing its complete source code on GitHub. This move allows developers to contribute, create new projects, or incorporate the code into other media players. It also enables updating to newer technologies, with potential for … Read more

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

September 11, 2024 at 06:27AM Cybersecurity researchers have discovered new malicious Python packages targeting software developers, using fake job interviews as lures. Linked to North Korea-backed Lazarus Group, the ongoing campaign dubbed VMConnect employs modified legit PyPI libraries to embed malicious code. Attackers impersonate legitimate companies and use LinkedIn to contact and infect unsuspecting developers. … Read more

Fake OnlyFans cybercrime tool infects hackers with malware

September 5, 2024 at 06:24AM Hackers deceive other hackers by distributing a fake tool for OnlyFans, infecting them with Lumma stealer malware. This exemplifies the blurred lines in cybercrime. Lumma is an info-stealing malware, with the capability to spread additional payloads and regain expired Google tokens. Veriti’s findings also uncover a broader operation targeting Disney+ … Read more