Pierluigi Paganini
January 08, 2025
Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. The Gayfemboy botnet was first identified in February 2024, it borrows the code from the basic Mirai variant and now integrates N-day and 0-day exploits. By November 2024, Gayfemboy exploited 0-day vulnerabilities in Four-Faith […]
Pierluigi Paganini
January 07, 2025
Experts spotted new variants of the Eagerbee backdoor being used in attacks on government organizations and ISPs in the Middle East. Kaspersky researchers reported that new variants of the Eagerbee backdoor being used in attacks against Internet Service Providers (ISPs) and government entities in the Middle East. The Kaspersky’s analysis revealed new attack components, including […]
Pierluigi Paganini
January 06, 2025
PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. Google researchers analyzed a new malware family called PLAYFULGHOST that supports multiple features, including keylogging, screen and audio capture, remote shell, and file transfer/execution. The PLAYFULGHOST backdoor shares functionality with Gh0st RAT whose source code was publicly released in […]
Pierluigi Paganini
January 05, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. 7-Zip Zero-Day Exploit Dropped: A New Playground for Infostealer & Supply Chain Attacks Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts The Mac Malware of 2024 Ransomware Vulnerability Matrix Inside […]
Pierluigi Paganini
January 05, 2025
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Malicious npm packages target Ethereum developers US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT […]
Pierluigi Paganini
January 04, 2025
Malicious npm packages target Ethereum developers, impersonating Hardhat plugins to steal private keys and sensitive data. Hardhat, by the Nomic Foundation, is an essential Ethereum tool, enabling streamlined smart contract and dApp development with customizable plugins. Socket researchers reported a supply chain attack targeting the Nomic Foundation and Hardhat platforms, attackers use malicious npm packages to […]
Pierluigi Paganini
January 03, 2025
FireScam malware steals credentials and financial data by monitoring Android app notifications and sending data to a Firebase database. Cybersecurity firm Cyfirma warns of the FireScam Android info-stealing malware that supports spyware capabilities. The malicious code steals credentials and financial data by monitoring app notifications and sending the information to a Firebase database. The malware […]
Pierluigi Paganini
December 31, 2024
Rhode Island ’s health benefits system was hacked, and threat actors leaked residents’ data on the dark web. Cybercriminals leaked data stolen from Rhode Island ‘s health benefits system on the dark web. Gov. Daniel McKee stated the state had prepared for this and is informing impacted individuals. RIBridges supports state programs like Medicaid, SNAP, […]
Pierluigi Paganini
December 31, 2024
Threat actors compromised at least 16 Chrome browser extensions leading to the exposure of data from over 600,000 users. A supply chain attack compromised 16 Chrome browser extensions, exposing over 600,000 users. Threat actors targeted the publishers of the extensions on the Chrome Web Store via phishing messages, then once obtained access to their account […]
Pierluigi Paganini
December 29, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Pro-Russia group NoName targeted the websites of Italian airports North Korea actors use OtterCookie malware in Contagious Interview […]
