News

SecurityWeek1h
Legitimate Shellter Pen-Testing Tool Used in Malware Attacks
A stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail.
Android malware Anatsa infiltrates Google Play to target US banks
The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than ...
The Hacker News5h
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
First released by 7finney in 2022, Ethcode is a VS Code extension that's used to deploy and execute solidity smart contracts in Ethereum Virtual Machine ( EVM )-based blockchains. An EVM is a ...
Splunk uncovers surge in social engineering through fake CAPTCHA attacks
ClickGrab is a dual-mode analysis platform that uses Python and PowerShell to detect and dissect malicious websites deploying ...
Sonatype report finds 188% spike in open-source malware in the second quarter
On the malware side, cryptomining malware dropped slightly, making up just 5% of packages in the second quarter. The decline ...
Infosecurity Magazine9h
Malicious Open Source Packages Surge 188% Annually
Sonatype’s latest Open Source Malware Index report has identified more than 16,000 malicious open source packages, ...
North Korean Hackers Deploy Rare Nim-Based Malware on macOS to Target Web3 Startups
A new Nim-based malware campaign targets macOS users in crypto and Web3 firms, using novel persistence tricks and encrypted ...