Hackers have multiple reasons for abusing malicious npm packages, as they can first use popular open-source libraries as a medium for distributing malware or backdoors without the users’ knowledge. Secondly, allow threat actors to penetrate into developers’ and agencies’ networks…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Developers Beware Of Malicious npm Package That Delivers Sophisticated RAT
Hackers have multiple reasons for abusing malicious npm packages, as they can first use popular open-source libraries as a medium for distributing malware or backdoors without the users’ knowledge. Secondly, allow threat actors to penetrate into developers’ and agencies’ networks…
Ransomware Group Creation Touched Yearly All Time High
The ransomware landscape is rapidly diversifying in 2024, with a surge in new extortion groups as established attackers continue to target large companies. A record number of smaller groups are emerging—22 in just five months compared to 22 in a…
Russian Hackers In Attempt To Distrupt The 2024 Paris Olympic Games
Russia is intensifying disinformation campaigns against France, President Macron, the IOC, and the 2024 Paris Olympics, blending decades-old tactics with AI, as the Microsoft Threat Analysis Center (MTAC) identifies two primary goals: tarnishing the IOC’s reputation and fostering expectations of…
Zyxel NAS Devices Vulnerability Let Attackers Execute Code Remotely
Zyxel has released patches addressing critical command injection and remote code execution vulnerabilities in two of its NAS products, NAS326 and NAS542, which have reached end-of-vulnerability support. Users are strongly advised to install these patches to ensure optimal protection. What…
Underground Ransomware Continues to Attack Industries Of Various Sizes
Over the past year, the ransomware actor known as “Underground” has been less active than other groups, yet they remain a threat in the cybersecurity landscape. Despite their reduced activity, Underground continues to target industries of various sizes, causing substantial…
CarnavalHeist Weaponizing Word Documents To Steal Login Credentials
Hackers take advantage of Word documents as weapons due to their widespread use and trust. This is facilitated by the ease with which users can be deceived into opening them. These documents may have macros or exploits that are dangerous…
8220 Gang Exploiting Oracle WebLogic Server Flaw To Deploy Cryptominer
The Oracle WebLogic Server vulnerabilities enable hackers to access unauthorized systems that are used for business data and applications. This can enable threat actors to bring in external programs and complete system control, consequently assuming admin privileges. The end result…
Hugging Face Hack: Spaces Secrets Exposed
Hugging Face, a leading AI and machine learning platform, has reported unauthorized access to its Spaces platform, explicitly targeting Spaces secrets. This breach has raised concerns about the security of sensitive information and the potential impact on users. Unauthorized Access…
Critical wpDataTables Vulnerability Let Attackers Perform SQL Injection
A critical security vulnerability has been discovered in the wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin, a popular plugin used by WordPress websites to create dynamic tables and charts. The vulnerability, CVE-2024-3820, allows attackers to perform…