Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms
Researchers have uncovered a software supply-chain attack involving packages hosted on the Node Package Manager (npm), which is the package manager for the Node.js JavaScript platform. The campaign leveraged malicious [...]
Gitlab patches critical RCE bug in latest security release
Gitlab has patched a critical vulnerability that could allow an attacker to execute code remotely. The security issue, which has been rated as critical, has been discovered in all versions of GitLab, [...]
Microsoft: Raspberry Robin worm already infected hundreds of networks
Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. The malicious code uses Windows Installer to reach out to QNAP-associated [...]
Jenkins discloses dozens of zero-day bugs in multiple plugins
The Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open-source automation server. 29 of these bugs are zero-days still waiting to be patched. It is a [...]
AstraLocker 2.0 infects users directly from Word attachments
AstraLocker 2.0 is a ransomware variant belonging to the Babuk family. It recently released its second major release, and according to threat analysts, its operators are involved in rapid attacks that drop [...]
Get Social