VSCode extensions with 9 million installs pulled over security risks
Microsoft has removed two popular VSCode extensions, ‘Material Theme – Free’ and ‘Material Theme Icons – Free,’ from the Visual…
Month: February 2025
Lazarus hacked Bybit via breached Safe{Wallet} developer machine
Forensic investigators have found that North Korean Lazarus hackers stole $1.5 billion from Bybit after hacking a developer’s device at…
PyPi package with 100K installs pirated music from Deezer for years
A malicious PyPi package named ‘automslc’ has been downloaded over 100,000 times from the Python Package Index since 2019, abusing…
Pump.fun X account hacked to promote scam governance token
The immensely popular memecoin generator Pump.fun had its X account hacked to promote a fake “PUMP” token cryptocurrency scam. Pump.fun…
Five best practices for securing Active Directory service accounts
Windows Active Directory (AD) service accounts are prime cyber-attack targets due to their elevated privileges and automated/continuous access to important…
EncryptHub breaches 618 orgs to deploy infostealers, ransomware
A threat actor tracked as ‘EncryptHub,’ aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access…
Report highlights phishing campaigns that exploit trusted platforms
A recent report from Darktrace has noted a surge in phishing attacks leveraging trusted business platforms such as Dropbox, SharePoint,…
Experts: Rising cybercrime groups pose greater threat than state-sponsored attackers
Cybercriminal organizations have become more dangerous than nation-state actors due to their vast financial resources and lack of ethical constraints,…
Attacks with novel Auto-Color Linux backdoor deployed in North America, Asia
BleepingComputer reports that North American and Asian government entities and universities have been subjected to intrusions involving the new evasive Auto-Color Linux…
Asia-Pacific subjected to FatalRAT phishing campaign
Suspected Chinese-speaking threat actors distributed malicious emails with a ZIP archive. Source link