July 17, 2024 at 12:43PM Researchers have found a new variant of a stealer malware linked to North Korea, this time targeting job seekers with a malicious Apple macOS disk image file named “MiroTalk.dmg.” This malware, known as BeaverTail, can steal sensitive data from web browsers, crypto wallets, and iCloud Keychain. Additionally, a new malicious … Read more
March 29, 2024 at 02:09AM The Python Package Index (PyPI) temporarily halted new user sign-ups due to an influx of malicious projects aimed at developers. Threat actors used typosquatting to upload deceptive versions of popular packages, targeting sensitive data and crypto wallets. Over 500 suspicious packages were uploaded within days, highlighting the increasing risk of … Read more
March 13, 2024 at 08:07AM Security researchers at Salt Labs discovered three critical vulnerabilities in the ChatGPT extension, potentially exposing users’ accounts and services to unauthorized access. The first vulnerability occurs during plugin installation, allowing malicious code approval. The second vulnerability lacks proper user authentication, enabling account takeovers. The third vulnerability allows for OAuth redirection … Read more