Cybersecurity

Popular #npm #linter packages hijacked via #phishing to drop #malware

https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/

#cybersecurity #JavaScript

New #CrushFTP zero-day exploited in attacks to hijack servers

https://www.bleepingcomputer.com/news/security/new-crushftp-zero-day-exploited-in-attacks-to-hijack-servers/

#cybersecurity

#Arch #Linux pulls #AUR packages that installed #Chaos RAT #malware

https://www.bleepingcomputer.com/news/security/arch-linux-pulls-aur-packages-that-installed-chaos-rat-malware/

#FOSS #cybersecurity

Phishers have found a way to downgrade—not bypass—#FIDO #MFA

https://arstechnica.com/security/2025/07/no-phishers-are-not-bypassing-fido-mfa-at-least-not-yet-heres-why/

#phishing #cybersecurity

Russian #alcohol retailer #WineLab closes stores after #ransomware attack

https://www.bleepingcomputer.com/news/security/russian-alcohol-retailer-winelab-closes-stores-after-ransomware-attack/

#cybersecurity #Russia

New #Phobos and #8base #ransomware #decryptor recover files for free

https://www.bleepingcomputer.com/news/security/new-phobos-ransomware-decryptor-lets-victims-recover-files-for-free/

#cybercrime #cybersecurity

#iVerify Uncovers Evidence of Zero-Click Mobile Exploitation in the U.S.

https://iverify.io/blog/iverify-uncovers-evidence-of-zero-click-mobile-exploitation-in-the-us

#cybersecurity #malware

India’s largest crypto exchange CoinDCX has confirmed that one of its operational accounts was compromised in a recent security breach. @Techcrunch has more, including the millions hackers reportedly made off with.

https://flip.it/96pL.l

#Tech #Crypto #CyberSecurity #Hacked #CoinDCX

Microsoft Sharepoint server vulnerability puts an estimated 10,000 organizations at risk.

@Engadget reports: "The software giant released an emergency patch but the flaw is being actively exploited."

https://flip.it/h6w1pi

#Microsoft #Cybersecurity #SharePoint #Tech #Hacking

"Not so long ago, you would be right to question why a seemingly innocuous-looking free “flashlight” or “calculator” app in the app store would try to request access to your contacts, photos, and even your real-time location data. These apps may not need that data to function, but they will request it if they think they can make a buck or two by monetizing your data.

These days, AI isn’t all that different.

Take Perplexity’s latest AI-powered web browser, Comet, as an example. Comet lets users find answers with its built-in AI search engine and automate routine tasks, like summarizing emails and calendar events.

In a recent hands-on with the browser, TechCrunch found that when Perplexity requests access to a user’s Google Calendar, the browser asks for a broad swath of permissions to the user’s Google Account, including the ability to manage drafts and send emails, download your contacts, view and edit events on all of your calendars, and even the ability to take a copy of your company’s entire employee directory.

Perplexity says much of this data is stored locally on your device, but you’re still granting the company rights to access and use your personal information, including to improve its AI models for everyone else.

Perplexity isn’t alone in asking for access to your data. There is a trend of AI apps that promise to save you time by transcribing your calls or work meetings, for example, but which require an AI assistant to access your real-time private conversations, your calendars, contacts, and more. Meta, too, has been testing the limits of what its AI apps can ask for access to, including tapping into the photos stored in a user’s camera roll that haven’t been uploaded yet."

https://techcrunch.com/2025/07/19/for-privacy-and-security-think-twice-before-granting-ai-access-to-your-personal-data

#CyberSecurity #AI #GenerativeAI #Chatbots #DataProtection #Perplexity

"Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers' npm tokens.

The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub repositories.

The list of affected packages and their rogue versions, according to Socket, is listed below -

• eslint-config-prettier (versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7)
• eslint-plugin-prettier (versions 4.2.2 and 4.2.3)
• synckit (version 0.11.9)
• @pkgr/core (version 0.2.8)
• napi-postinstall (version 0.3.1)

"The injected code attempted to execute a DLL on Windows machines, potentially allowing remote code execution," the software supply chain security firm said."

https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html

#CyberSecurity #NPM #JavaScript #Node #GitHub #Windows #Malware

#CitrixBleed2 exploited weeks before PoCs as #Citrix denied attacks

https://www.bleepingcomputer.com/news/security/citrix-bleed-2-exploited-weeks-before-pocs-as-citrix-denied-attacks/

#cybersecurity

#GitHub abused to distribute payloads on behalf of #malware-as-a-service

https://arstechnica.com/security/2025/07/malware-as-a-service-caught-using-github-to-distribute-its-payloads/

#cybersecurity #Emmenhtal #PeakLight #MaaS

#VMware fixes four #ESXi zero-day bugs exploited at #Pwn2Own Berlin

https://www.bleepingcomputer.com/news/security/vmware-fixes-four-esxi-zero-day-bugs-exploited-at-pwn2own-berlin/

#cybersecurity

#Microsoft #Teams voice calls abused to push #Matanbuchus #malware

https://www.bleepingcomputer.com/news/security/microsoft-teams-voice-calls-abused-to-push-matanbuchus-malware/

#cybersecurity

#Google sues to disrupt #BadBox 2.0 #botnet infecting 10 million devices

https://www.bleepingcomputer.com/news/security/google-sues-to-disrupt-badbox-20-botnet-infecting-10-million-devices/

#cybersecurity #malware

Hacker steals $27 million in #BigONE exchange #crypto breach

https://www.bleepingcomputer.com/news/security/hacker-steals-27-million-in-bigone-exchange-crypto-breach/

#cybersecurity #cybercrime

Hackers are trying to steal passwords and sensitive data from users of #Signal clone

https://techcrunch.com/2025/07/17/hackers-are-trying-to-steal-passwords-and-sensitive-data-from-users-of-signal-clone/

#cybersecurity #TeleMessage

North Korean hackers blamed for record spike in #crypto thefts in 2025

https://techcrunch.com/2025/07/17/north-korean-hackers-blamed-for-record-spike-in-crypto-thefts-in-2025/

#NorthKorea #cybersecurity #cybercrime

Max severity #Cisco #ISE bug allows pre-auth command execution, patch now

https://www.bleepingcomputer.com/news/security/max-severity-cisco-ise-bug-allows-pre-auth-command-execution-patch-now/

#cybersecurity

https://arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records/?utm_social-type=owned

#CyberSecurity

#SonicWall #SMA devices hacked with #OVERSTEP #rootkit tied to #ransomware

https://www.bleepingcomputer.com/news/security/sonicwall-sma-devices-hacked-with-overstep-rootkit-tied-to-ransomware/

#cybersecurity

New #Fortinet #FortiWeb hacks likely linked to public RCE exploits

https://www.bleepingcomputer.com/news/security/new-fortinet-fortiweb-hacks-likely-linked-to-public-rce-exploits/

#cybersecurity

#Europol disrupts pro-Russian #NoName057(16) #DDoS #hacktivist group

https://www.bleepingcomputer.com/news/security/europol-disrupts-pro-russian-noname05716-ddos-hacktivist-group/

#cybersecurity #Russia #cybercrime

#UK #retail giant #CoOp confirms hackers stole all 6.5 million customer records

https://techcrunch.com/2025/07/16/uk-retail-giant-co-op-confirms-hackers-stole-all-6-5-million-customer-records/

#cybersecurity #privacy #DataBreach