Malicious PyPI packages abuse Gmail, websockets to hijack systems

Seven malicious PyPI packages were found using Gmail’s SMTP servers and WebSockets for data exfiltration and remote command execution. The packages were discovered by Socket’s threat research team, who reported their findings to PyPI, resulting in the removal of the packages. However, some of these packages were on PyPI for over four years, and …

Hackers abuse IPv6 networking feature to hijack software updates

A China-aligned APT threat actor named “TheWizards” abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware. According to ESET, the group has been active since at least 2022, targeting entities in the Philippines, Cambodia, the United Arab Emirates, China, and Hong Kong. Victims include individuals, gambling companies, …

WordPress plugin disguised as a security tool injects backdoor

A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. According to Wordfence researchers, the malware provides attackers with persistent access, remote code execution, and JavaScript injection. At the same time, it remains hidden from the plugin dashboard to evade detection. …

WhatsApp unveils ‘Private Processing’ for cloud-based AI features

WhatsApp has announced the introduction of ‘Private Processing,’ a new technology that enables users to utilize advanced AI features by offloading tasks to privacy-preserving cloud servers. This is required to utilize AI functionalities such as message summarization and writing suggestions on WhatsApp, which are too demanding for on-device hardware. The new feature will be entirely opt-in …

SMA100 VPN vulnerabilities now exploited in attacks

Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. On Tuesday, SonicWall updated security advisories for the CVE-2023-44221 and CVE-2024-38475 security flaws to tag the two vulnerabilities as “potentially being exploited in the wild.” CVE-2023-44221 is described as a high-severity command …

Commvault says recent breach didn’t impact customer backup data

Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn’t gain access to customer backup data. Listed on NASDAQ since March 2006, Commvault is included in the S&P MidCap 400 Index and provides cyber resilience services to over 100,000 organizations. As the company first revealed on March …

FBI shares massive list of 42,000 LabHost phishing domains

The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024. The published domains were registered between November 2021 and April 2024, the time of its seizure, and are being shared to increase awareness and provide indicators of compromise. …

UK retailer Co-op shuts down some IT systems after hack attempt

British supermarket chain Co-op shut down parts of its IT systems after detecting an attempted intrusion into its network, disrupting back office and call center services. While a Co-op spokesperson confirmed the hacking attempts to BleepingComputer, they have not shared whether these attempts were successful. “We have recently experienced attempts to gain unauthorized access to some …

Ascension discloses new data breach after third-party hacking incident

Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. The health network operates 142 hospitals nationwide, has over 142,000 employees, and has reported a total revenue of $28.3 billion in …

Could This Be the Ultimate WordPress UTM Conversion Attribution Solution?

The frustration will be all too familiar. After crafting your marketing campaign’s UTM parameters with meticulous precision, analyzing which ones convert can leave you piecing together fragmented data from Google Analytics, spreadsheets, and CRM reports. I understand how many hours you might spend wrestling with this exact problem. AFL UTM Tracker looks to connect the …