Tag
A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of siphoning cryptocurrency using a rogue extension for Chromium-based browsers. "The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim's account by performing web injections into targeted cryptocurrency websites," Kaspersky
Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular apps to redirect users to serve unwanted ads to users as part of a campaign ongoing since October 2022. "The campaign is designed to aggressively push adware to Android devices with the purpose to drive revenue," Bitdefender said in a technical report shared with The Hacker News. "However,
By Waqas If the alleged admin login credentials are authentic, i2VPN users are at risk of a massive security and privacy breach. This is a post from HackRead.com Read the original post: Hackers Leak i2VPN Admin Credentials on Telegram
Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023. "Type
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service (DoS) via DNS Recursion.
By Habiba Rashid The stolen tokens include popular cryptocurrencies such as Bitcoin (BTC), ether (ETH), tether (USDT), dogecoin (DOGE), Litecoin (LTC), BNB coin (BNB), and polygon (MATIC). This is a post from HackRead.com Read the original post: Atomic Wallet Hit by $35M Theft in Recent Crypto Breach
Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.
Categories: News A new web skimming campaign uses compromised legitimate sites to act as command and control servers. (Read more...) The post Information stealer compromises legitimate sites to attack other sites appeared first on Malwarebytes Labs.
Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft Threat Intelligence team said in a series of tweets today. "CVE-2023-34362 allows attackers to