KDE advises extreme caution after theme wipes Linux user’s files

March 21, 2024 at 03:10PM The KDE team warns Linux users to be cautious when installing global themes from the official KDE Store, as these themes can run arbitrary code on devices, potentially causing data loss. They lack resources to review the code of each submitted theme and advise users to be vigilant and report …

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware

March 10, 2024 at 11:42AM Hackers are exploiting an XSS vulnerability in outdated Popup Builder plugin versions, infecting over 3,300 WordPress sites with malicious code. A new campaign targeting the same vulnerability has seen a notable uptick, with Sucuri reporting 1,170 infections. To defend against these attacks, users are advised to upgrade to Popup Builder …

How to Ensure Open-Source Packages Are Not Landmines

March 8, 2024 at 11:49AM Open-source repositories are essential for modern applications, but can harbor security risks. A new framework from CISA and OpenSSF suggests controls like multi-factor authentication and security reporting to reduce malicious code exposure. However, the security of repositories varies, with potential for accidental inclusion of malicious packages. The risk of namesquatting …

How to Ensure Open-Source Packages Are Not Mines

March 8, 2024 at 07:23AM Open-source repositories are crucial for modern applications, but carelessness can introduce backdoors and vulnerabilities. A new security framework by CISA and OpenSSF recommends controls to enhance security. The guidelines aim to prevent incidents like namesquatting and unintentional inclusion of malicious software in repositories. This comes as IT departments are grappling …

New WogRAT malware abuses online notepad service to store malware

March 5, 2024 at 03:28PM The ‘WogRAT’ malware targets Windows and Linux, utilizing the ‘aNotepad’ platform to store and retrieve malicious code. Named by AhnLab Security Intelligence Center (ASEC), it has been active since late 2022, targeting Asian countries. The malware employs covert distribution methods to avoid detection, using an online, legitimate service for stealthier …

Malicious code in Tornado Cash governance proposal puts user funds at risk

February 27, 2024 at 09:37AM Malicious JavaScript code found in a Tornado Cash governance proposal has been leaking deposit data for 2 months, compromising fund transaction privacy and security. Security researcher Gas404 discovered the code and urged stakeholders to veto the proposals. Tornado Cash, an Ethereum mixer, uses SNARKs for anonymity, but has also been …

Code injected into Tornado Cash on January 1 puts user funds at risk

February 27, 2024 at 09:29AM Malicious JavaScript code in a Tornado Cash governance proposal has leaked deposit notes to a private server for almost two months, compromising fund transaction privacy and security. Security researcher Gas404 discovered the code and urged stakeholders to veto the proposal. The compromised protocol introduced the code and Tornado Cash urges …

Vulnerabilities in Lamassu Bitcoin ATMs Can Allow Hackers to Drain Wallets

January 23, 2024 at 01:48PM Three vulnerabilities in Lamassu Douro bitcoin ATMs allowed attackers with physical access to take over and steal user assets, as reported by IOActive. The vulnerabilities, tracked as CVE-2024-0175, CVE-2024-0176, and CVE-2024-0177, enabled attackers to execute an attack with the same level of access as regular customers. Lamassu fixed the bugs …

Malicious web redirect scripts stealth up to hide on hacked sites

January 22, 2024 at 03:15PM Security researchers discovered the Parrot traffic direction system (TDS) to be rapidly evolving, enhancing its malicious capabilities. Targeting vulnerable WordPress and Joomla sites, it infects and redirects users to malicious locations, with 16,500 websites affected. The TDS operators sell the traffic to threat actors, who profile and redirect users to …

‘KandyKorn’ macOS Malware Lures Crypto Engineers

November 3, 2023 at 03:00PM The Lazarus group, a North Korean APT group, has developed macOS malware called “KandyKorn” to target blockchain engineers connected to cryptocurrency exchanges. The malware has capabilities to steal data, including cryptocurrency services and applications. The group used a multistage approach involving a Python application distributed through a public Discord server. …