Author: Admin

April 19, 2025Red LakshmananLinux / malicious program Cybersecurity researchers have discovered three malicious packages in the NPM register, which is masked as a popular Telegram Bot Library, but Harbour SSH Backdoor and the data exports. Under consideration packages are given below – According to the safety of the supply chains, the packages are designed to simulate Node-Telegram-Bot-APIPopular API Node.js Telegram with more than 100,000 Weeking Downloads. Three libraries are still available for download. “Although this number may seem modest – Note. “The supply security incidents repeatedly indicate that even several institutions may have catastrophic consequences, especially if the attackers get…

April 19, 2025Red LakshmananNetwork security / vulnerability ASUS revealed a critical lack of security that affect the routers Aicloud Enabled, which can allow distant attackers to perform unauthorized performance on sensitive devices. Vulnerability tracked as Cve-2025-2492has a CVSS 9.2 mark with a maximum of 10.0. “Incorrect vulnerability by authentication management exists in a specific series of asus firmware”, Asus – Note In advisory. “This vulnerability can be caused by a developed request, which can lead to unauthorized functions.” The disadvantage was addressed with the firmware updates for the following branches – 3.0.0.4_382 3.0.0.4_386 3.0.0.4_388, and 3.0.0.6_102 For optimal protection it…

Cybersecurity researchers have warned of a “wide and permanent” SMS phishing campaign that has been targeting toll road users in the US for financial theft since mid-October 2024. “Numerous attacks on the road are carried out by numerous financially motivated threats by the subjects using the Smishing set, developed” by Wang Duo Yu, the researchers assessed with moderate confidence. The phishing campaign, according to the company, impersonates US electronic toll collection systems such as E-ZPass, sending SMS messages and Apple iMessages to individuals across Washington, Florida, Pennsylvania, Virginia, Texas, Ohio, Illinois and Kansas about an unpaid toll. It is worth noting that some aspects of…

A new multi-stage attack has been observed delivering malware such as Tesla variants, Remcos RAT and XLoader. “The attackers are increasingly counting on such complex delivery mechanisms to avoid detection, bypassing traditional sandboxes and ensuring successful delivery and execution of useful load,” Palo Alto Networks Unit 42 researcher Sakib Hanzada noted in the company’s technical report. The starting point of the attack is a deceptive email posing as a request and carrying a malicious 7-Zip archive attachment, which contains an encoded JavaScript (.jse) file. The email, which was observed in December 2024, falsely claimed that…

April 18, 2025Hacker NewsSaas Security / Shadow It Your employees did not want to expose sensitive data. They just wanted to move faster. So they used the chat to summarize the deal. Uploaded the spreadsheet into the AI ​​-enhanced AI tool. Built -in chat in salesforce. Nothing wrong – until it’s. If it sounds familiar, you are not alone. Most security teams are already lagging behind the detection of how AI’s tools calmly redo their Saas environments. And as long as the warning is caused – if it even exists – the damage can already be done. This is not…

April 18, 2025Red LakshmananIoT / malicious software safety Cybersecurity researchers warn of the constant risks provided by distributed malicious software refusal (DDOS) XorddosFrom 71.3 percent of the attacks between November 2023 and February 2025, sent to the US. “From 2020 to 2023, Trojan Xorddos has increased significantly in prevalence,” Cisco Talos Joey researcher – Note In the Thursday analysis. “This trend is not only due to the widespread global distribution of the Triana XordDOS, but also to the impact on the malicious DNS-related and control (C2). Almost 42 percent of compromised devices are located in the US, then Japan, Canada,…

April 18, 2025Red LakshmananSecurity / vulnerability Windows Cybersecurity and US Infrastructure Agency (CISA) on Thursday on Thursday added Lack of high school security that affects Microsoft Windows to known exploited vulnerabilities (Ship) Catalog, subsequent reports of active exploitation in the wild. Vulnerability assigned to CVE ID Cve-2025-24054 (CVSS assessment: 6.5), this is a new Windows Local Network Manager (Ntlm) The hash -spinning fake bug that Microsoft was secured last month as part of the patch upgrade on Tuesday. NTLM is a hereditary authentication protocol that Microsoft is officially outdated last year in favor of Kerberos. In recent years, the threats…

The Chinese threat actor known as Mustang Panda has been linked to a cyberattack aimed at an unspecified organization in Myanmar with previously unreported tools, underscoring the threat actor's continued efforts to enhance the effectiveness of its malware. These include updated versions of the known backdoor Tone as well as a new lateral movement tool called Starproxy, two Keylogger cadencies Splatcloak. “Toneshell, the back of the Mustang Panda, was updated with changes in its FAKETLS Command and Control (C2) communications protocol, as well as in customer IDs creation and storage methods,” said the Zscaler OPHERLABZ Singh in a…

Several state-sponsored hacking groups from Iran, North Korea and Russia have been found to use the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 to early 2025. The phishing campaigns adopting the strategy were attributed to clusters tracked as TA427 (Kimsuky), TA450 (aka MuddyWater), UNK_RemoteRogue, and TA422 (aka APT28). ClickFix has been an initial access technique primarily associated with cybercrime groups, although the effectiveness of the approach has also led to its adoption by nation-states. “Inclusion ClickFix does not revolutionize companies conducted by TA427, TA450, UNK_RemoteRogue and TA422, and instead replaces the…

April 17, 2025Red LakshmananCybersecurity / malicious software Microsoft draws attention to the permanent Malvertising company that uses Node.js to provide malicious loads capable of theft of information and data exports. Activity For the first time discovered In October 2024, lures related to cryptocurrency trading were used to trick users to install a robber from fraudulent sites that are masked as legal software, such as Binance or Tradingview. The downloaded installation comes in a dynamic reference library (“Customactions.dll”), which is responsible for harvesting basic system information using the Windows Management (WMI) instrument and sustainability settings through the planned task. In an…
