Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang version of the Sliver command-and-control (C2) framework within a PNG image of the project's logo.
The package employing this steganographic trickery is requests-darwin-lite, which has been
New Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys and Data
Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm.
The techniques have been collectively dubbed Pathfinder by a group of academics from the University of California San Diego, Purdue University, UNC Chapel
TikTok fined nearly $11 million by Italian regulator
Italian authorities fined TikTok $10.9 million on Thursday for fueling the spread of videos likely to harm the “psycho physical safety” of users, according to a press release from the country’s Competition Authority (AGCM).
JetBrains vulnerability exploitation highlights debate over ‘silent patching’
Czech software giant JetBrains harshly criticized security company Rapid7 this week following a dispute over two recently discovered vulnerabilities
Roku cancels unauthorized subscriptions and provides refunds for 15k breached accounts
Roku said it canceled unauthorized subscriptions and refunded more than 15,000 accounts after discovering what they called “suspicious activity.”
EC-Council C|EH Threat Report 2024: A Wake-Up Call for Cybersecurity Professionals 2024
The digital landscape is constantly shifting, and with it, the tactics and methods employed by cyber threat actors. Staying informed and ahead of the curve is not just a goal but rather a necessity.
Ethical Hacking vs. Penetration Testing: Unraveling the Distinctions for Effective Cybersecurity Strategies
The whitepaper begins by exploring ethical hacking and penetration testing methodologies, objectives, and scopes.
Taiwanese semiconductor company hit by ransomware attack
One of Taiwan's biggest semiconductor manufacturers has fallen victim to a cyberattack, supposedly carried out by the notorious LockBit ransomware gang.
How a ‘crypto drainer’ tricked people into handing over $80 million in assets worldwide
Researchers have detailed how a scam campaign spoofed over a hundred cryptocurrency brands in the past year, stealing at least $80 million in assets from its victims' digital wallets.
In AirTags stalking lawsuit, federal judge says Apple likely negligent
A San Francisco-based federal judge said he believes Apple was likely negligent in its design and oversight of the AirTags tracking product.