Hacks/Cracks
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The ChatGPT-powered Blackmamba malware, which can operate on macOS, Windows, and Linux systems, works as a keylogger, with the ability to send stolen credentials through Microsoft Teams.
A novel Linux version of the IceFire ransomware that exploits a vulnerability in IBM's Aspera Faspex file-sharing software has been identified by SentinelLabs, a research division of cybersecurity company Sentinel One. The exploit is for CVE-2022-47986, a recently patched Aspera Faspex vulnerability.
Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs security researchers found that the gang has breached the networks of several media and entertainment organizations around the world in recent weeks, starting mid-February, according to a report shared in advance with BleepingComputer.
The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system.
The APT27 hacking group, aka "Iron Tiger," has prepared a new Linux version of its SysUpdate custom remote access malware, allowing the Chinese cyberespionage group to target more services used in the enterprise.
An infamous Chinese cyber-hacking team has extended its SysUpdate malware framework to target Linux systems.
Security researchers have discovered yet another sizable haul of malicious packages on the open source registries npm and PyPI. These packages, which could cause problems if developers downloaded them without realizing it, can be found here.
An explosion of cyberattacks is infecting servers around the world with crippling ransomware by exploiting a vulnerability that was patched two years ago.
Security researchers have discovered another sizeable haul of malicious packages on the npm and PyPI open source registries, which could cause issues if unwittingly downloaded by developers.
The notorious Russian-speaking cybercriminals grew successful by keeping a low profile. But now they have a target on their backs.
An increasing number of threat actors have started relying on the command-and-control (C2) framework Sliver as an open-source alternative to tools such as Metasploit and Cobalt Strike.
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage attacks against organizations in East Asia.
Threat actors have been leveraging polyglot and malicious Java archive files to distribute the StrRAT and Ratty remote access trojans to evade detection by security solutions, The Hacker News reports.
SecurityWeek reports that pro-Ukraine hacktivist group GhostSec is having its claims of launching the first-ever ransomware attack against an industrial control system device questioned by cybersecurity experts.
The Python Package Index, or PyPI, continues to surprise and not in a good way. Ideally a source of Python libraries that developers can include in their projects to save time, PyPI has again been caught hosting packages with live Amazon Web Services (AWS) keys and data-stealing malware.
South Korean cybersecurity firm AhnLab Security Emergency Response Center said it has observed a new Linux malware in the wild that deploys a cryptocurrency miner on infiltrated systems using a shell script compiler downloader, reports The Hacker News. According to the report, a successful breach will be followed by execution of the shc downloader malware to fetch the XMRig cryptocurrency miner software and a Perl-based DDoS IRC Bot that allows the attacker to connect through a remote server and proceed to mount distributed denial-of-service attacks.
If you downloaded PyTorch-nightly on Linux via pip between Dec. 25, 2022, and Dec. 30, 2022, you've got trouble.
Cybersecurity researchers have spotted a new Linux malware downloader that targets poorly defended Linux servers with cryptocurrency miners and DDoS IRC bots.
Users who deployed the nightly builds of PyTorch between Christmas and New Year's Eve likely received a rogue package as part of the installation that siphoned off sensitive data from their systems. The incident was the result of an attack called dependency confusion that continues to impact package managers and development environments if hardening steps are not taken.
A new Linux malware developed using the shell script compiler has been observed deploying a cryptocurrency miner on compromised systems.