Author: Admin

December 9, 2024Ravi LakshmananArtificial Intelligence / Vulnerability Details have emerged about the patched security flaw in the DeepSeek an artificial intelligence (AI) chatbot that, if successfully deployed, could allow an attacker to take control of a victim’s account using quick injection attack. Security researcher Johann Rehberger, who has chronicle many operational injection attacks targeting various AI tools, found that providing the input “Print xss cheat sheet in bulleted list. payloads only” in the DeepSeek chat caused JavaScript code to be executed as part of the generated response – a classic case of cross-site scripting (XSS). XSS attacks can have serious…

December 7, 2024Ravi LakshmananCyber ​​Security / Election Fraud In a historic decision, Romania’s Constitutional Court annulled the results of the first round of voting in the presidential election amid accusations of Russian interference. As a result, the second round of voting, which was scheduled for December 8, 2024, will no longer take place. Kellyn Georgescu, who won the first round, reported the verdict as an “official coup” and an attack on democracy. “The electoral process for the Romanian presidential elections will be resumed in full, the government will set a new date for the Romanian presidential elections, as well as…

December 7, 2024Ravi LakshmananMalware / Security Web3 Cybersecurity researchers have warned of a new scam that uses fake video conferencing software to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. “The threat actors behind the malware have created fake campaigns that use artificial intelligence to boost their legitimacy,” Cado Security researcher Tara Gould said. “The company is reaching out to properties to set up a video call by asking the user to download a meeting app from a website that is a Realst Infostealer.” The security company codenamed the activity…

December 7, 2024Ravi LakshmananSupply Chain Attack / Cryptocurrency In yet another attack on the software supply chain, two versions of the popular Python artificial intelligence (AI) library called ultralytics were compromised to supply a cryptocurrency miner. Versions 8.3.41 and 8.3.42, have since been removed from the Python Package Index (PyPI) repository. And after released version released a security patch that “ensures a secure publishing workflow for the Ultralytics package.” Project maintainer Glen Jocher confirmed on GitHub that the two versions were infected by injecting malicious code into the PyPI deployment process after reports arose that the installation of the library…

December 7, 2024Hacker newsEnterprise security / threat prevention Cybercriminals know that privileged accounts are the key to your kingdom. A single compromised account can lead to data theft, disrupted operations, and major business losses. Even leading organizations struggle to maintain privileged accounts. why? Traditional Privileged Access Management (PAM) solutions often fail, leaving: Blind spots that limit full visibility. Complex deployment processes. Manual account discovery is time-consuming. Weak Least Privilege Access Enforcement. Vulnerabilities that allow administrators to bypass controls. These flaws leave critical vulnerabilities that attackers exploit daily. But it doesn’t have to be this way. In our webinar “Preventing Privilege…

December 6, 2024Ravi LakshmananSpy software / Mobile security The Federal Security Service (FSB) has secretly installed spyware on its Android device from a Russian programmer accused of donating money to Ukraine after he was detained earlier this year. The findings were made as part of a joint investigation The first department and the University of Toronto Civil laboratory. “The spyware placed on his device allows the operator to track the target device’s location, record phone calls, keystrokes and read messages from encrypted messaging programs, among other capabilities,” the report said. In May 2024, Kiril Parubets was released out of custody…

December 6, 2024Ravi LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have discovered multiple security flaws affecting open source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that can pave the way for code execution. The vulnerabilities discovered by JFrog are part of a larger collection of 22 security flaws from the supply chain security company. disclosed for the first time last month. Unlike the first set, which included server-side flaws, the new detailed ones allow for ML clients and reside in libraries that handle safe model formats such as Keepers. “The capture of an ML client…

December 6, 2024Ravi LakshmananMalware / cybercrime Threat actors for More_eggs malware have been linked to two new malware families, indicating the expansion of their malware-as-a-service (MaaS) activities. This includes a new information-stealing backdoor called RevC2 and a bootloader codenamed Venom Loader, both of which are deployed using VenomLNK, the primary tool that serves as the initial access vector to deploy subsequent payloads. “RevC2 uses WebSockets to communicate with its command and control (C2) server. The malware is capable of stealing cookies and passwords, proxying network traffic and providing remote code execution (RCE),” Zscaler ThreatLabz researcher Muhammad Irfan V.A. said. “Venom…

December 6, 2024Hacker newsMalware / Threat Intelligence A threat actor known as Hammeredon the use of leverage was observed Cloudflare Tunnels as a tactic to hide its staging infrastructure, which hosts a malware called GammaDrop. The activity is part of the constant phishing campaign In a new analysis, Recorded Future’s Insikt Group said it has targeted Ukrainian organizations since at least early 2024 and is designed to eliminate Visual Basic Script malware. The cybersecurity company is tracking the threat under the name BlueAlpha, which is also known as Aqua Blizzard, Armageddon, Hive0051, Iron Tilden, Primitive Bear, Shuckworm, Trident Ursa, UAC-0010,…

December 5, 2024Ravi LakshmananInternet Fraud / Cybercrime Europol on Thursday announced the closure of the Clearnet marketplace under the name Manson’s Market which has contributed to internet fraud on a large scale. The operation, led by German authorities, led to the seizure of more than 50 servers linked to the service and the arrest of two suspects. More than 200 terabytes of digital evidence has been collected. Manson Market (“manson-market(.)pw”) is believed to have been launched in 2022 as a way to distribute sensitive information that was illegally obtained from victims in phishing and vishing (voice phishing) schemes. One such…