3CX warns customers to disable SQL database integrations

December 15, 2023 at 12:32PM 3CX, a VoIP company, urged customers to disable SQL Database integrations due to potential vulnerabilities. The advisory, lacking specific details, affects versions 18 and 20 of the VoIP software and advises disabling MongoDB, MsSQL, MySQL, and PostgreSQL integrations. This comes after a supply chain attack trojanized their 3CXDesktopApp in March …

Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft

December 15, 2023 at 08:18AM Ledger, a crypto hardware wallet maker, faced a security breach after a former employee fell victim to a phishing attack, leading to theft of $600,000 in virtual assets. Malicious code from the compromised npm account was used to propagate crypto drainer malware to other applications. Ledger has since removed the malicious …

Ledger dApp supply chain attack steals $600K from crypto wallets

December 14, 2023 at 11:25AM Ledger warns users not to use web3 dApps after a supply chain attack compromised their “Ledger dApp Connect Kit” library, causing a JavaScript wallet drainer to steal $600,000 in crypto and NFTs. The company removed the malicious version, uploaded a clean version, and advised users to clear sign transactions and …

116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems

December 14, 2023 at 11:00AM Cybersecurity researchers have found 116 malicious packages in the Python Package Index repository infecting Windows and Linux systems, targeting around 10,000 downloads since May 2023. Attackers employ various techniques to bundle malicious code, mainly aiming to compromise hosts with backdoor malware, including W4SP Stealer and clipper malware. Python developers are …

Forward Momentum: Key Learnings From Trend Micro’s Security Predictions for 2024

December 6, 2023 at 03:21AM Trend Micro’s security predictions for 2024 emphasize the need for organizations to adapt their cybersecurity to evolving technologies like cloud, AI/ML, and Web3. Expected threats include cloud-native worms exploiting misconfigurations, sophisticated AI-generated social engineering scams, data poisoning against ML models, CI/CD pipeline attacks on software supply chains, and blockchain-based extortion …

Exposed Hugging Face API tokens offered full access to Meta’s Llama 2

December 4, 2023 at 09:06AM Lasso Security researchers found over 1,500 API tokens, including those of Meta and Google, exposed on Hugging Face, risking supply chain attacks and allowing access to 723 organizations. Exposed tokens with write permissions could alter files, steal private models, or poison data, affecting over a million users. All affected parties …

North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack

November 23, 2023 at 01:06AM North Korean threat actor Diamond Sleet is using a trojanized version of a legitimate app developed by CyberLink in a supply chain attack. The poisoned file, hosted on CyberLink’s infrastructure, downloads a second-stage payload. The campaign has affected over 100 devices in Japan, Taiwan, Canada, and the U.S. Microsoft has …

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets

November 22, 2023 at 12:30PM Researchers at Aqua Security have discovered that hundreds of organizations and open-source projects are at risk due to the public exposure of Kubernetes configuration secrets. This vulnerability poses a severe supply chain attack threat as sensitive environments in the Software Development Life Cycle (SDLC) can be accessed. Aqua Security found …

SEC sues SolarWinds for misleading investors before 2020 hack

October 30, 2023 at 05:56PM SolarWinds has been charged by the SEC for allegedly hiding cybersecurity issues from investors before the December 2020 APT29 breach. The SEC claims the company failed to disclose the risks and only shared broad information. The SEC also alleges that SolarWinds’ Chief Information Security Officer knew about the vulnerabilities but …

Lazarus hackers breached dev repeatedly to deploy SIGNBT malware

October 27, 2023 at 12:52PM The North Korean Lazarus hacking group repeatedly targeted a software vendor, breaching their system multiple times despite patches and warnings. Kaspersky discovered the attack, which was part of a broader campaign that involved Lazarus targeting various software vendors. The hackers used the SIGNBT malware and LPEClient info-stealer to gain access …