Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure facilities in Ukraine, according to a report from the Ukrainian Computer Emergency Response Team (CERT-UA).
Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments.
In an advisory today, Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government.
Over the holidays, the npm package registry was flooded with more than 3,000 packages, including one called "everything," and others named a variation of the word. These 3,000+ packages make it impossible for all npm authors to unpublish their packages from the registry.
Ledger is warning users not to use web3 dApps after a supply chain attack on the 'Ledger dApp Connect Kit' library was found pushing a JavaScript wallet drainer that stole $600,000 in crypto and NFTs.
A joint advisory by the National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) discloses a supply-chain attack executed by North Korean hackers involving the MagicLine
The National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) warn that the North Korean Lazarus hacking grou
Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide.
Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool.
The North Korean Lazarus hacking group repeatedly compromised a software vendor using flaws in vulnerable software despite multiple patches and warnings being made available by the developer.
The developers of Free Download Manager (FDM) have published a script to check if a Linux device was infected through a recently reported supply chain attack.
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.
A previously unidentified APT hacking group named 'Carderbee' was observed attacking organizations in Hong Kong and other regions in Asia, using legitimate software to infect targets' computers with the PlugX malware.
Serde, a popular Rust (de)serialization project, has decided to ship its serde_derive macro as a precompiled binary. This has generated a fair amount of concern among some developers who highlight the future legal and technical issues this may pose, along with a potential for supply chain attacks.
A critical design flaw in the Google Cloud Build service discovered by cloud security firm Orca Security can let attackers escalate privileges, providing them with nearly full, unauthorized access to Google Artifact Registry code repositories.
Millions of GitHub repositories may be vulnerable to dependency repository hijacking, also known as "RepoJacking," which could help attackers deploy supply chain attacks impacting a large number of users.
The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30 million times.
The Python Package Index (PyPI) has announced that it will require every account that manages a project on the platform to have two-factor authentication (2FA) turned on by the end of the year.
The Chinese APT hacking group known as 'Evasive Panda' is behind a mysterious attack that distributed the MsgBot malware as part of an automatic update for the Tencent QQ messaging app.
The X_Trader software supply chain attack that led to last month's 3CX breach has also impacted at least several critical infrastructure organizations in the United States and Europe, according to Symantec's Threat Hunter Team.
An investigation into last month's 3CX supply chain attack discovered that it was caused by another supply chain compromise where suspected North Korean attackers breached the site of stock trading automation company Trading Technologies to push trojanized software builds.