October 30, 2023 at 07:24AM The EleKtra-Leak campaign is targeting exposed Amazon Web Service (AWS) identity and access management (IAM) credentials on public GitHub repositories for cryptojacking. The campaign has been active since December 2020 and has employed automated targeting of IAM credentials within four minutes of exposure. The attacker has also been linked to … Read more
October 12, 2023 at 03:16PM Malicious NuGet packages imitating popular cryptocurrency projects, exchanges, and platforms have been discovered. These packages, uploaded by a user named ‘Disti’, contain a file that carries out malicious activities on compromised systems. The download numbers for these packages are believed to be inflated, enhancing their perceived credibility. The packages incorporate … Read more
October 12, 2023 at 09:57AM A malicious package named Pathoschild.Stardew.Mod.Build.Config has been found on the NuGet package manager. It delivers a remote access trojan called SeroXen RAT. The package is a typosquat of a legitimate package and has artificially inflated its download count to over 100,000. The profile behind the package has published six other … Read more