ShadowRay Vulnerability Threatens AI Workloads, No Patch Available

Researchers noticed that the vulnerability in question is being actively exploited

A recent review of vulnerabilities in the Ray framework uncovered an unpatched flaw, dubbed ShadowRay. It appears that hundreds of machine learning clusters were already compromised, leading to the leak of ML assets. Researchers trace the first attack that used this vulnerability to September 2023, meaning that the vulnerability has already been circulating for over half a year.…

PUA:Win32/Packunwan

PUA:Win32/Packunwan is a name for packed unwanted software with some really dangerous capabilities

PUA:Win32/Packunwan is a generic detection of a potentially unwanted program that uses software packing. It can range from being merely annoying to posing a severe threat to system safety. Depending on this, the degree of damage to the system will vary. Usually, these unwanted programs are distributed as “recommended software” in freeware, shareware or cracked…

PUABundler:Win32/Rostpay

Win32/Rostpay is unwanted software that can bring numerous other PUAs

PUABundler:Win32/Rostpay is an antivirus detection related to the software released by Rostpay LLC. Antivirus programs detect it because it contains a lot of additional potentially unwanted applications (PUAs). Although their applications are not malicious, the software that comes bundled with them can bring unpredictable consequences. As history shows, software developers like Rostpay have already made…

GoFetch Vulnerability in Apple Silicon Uncovered

A new vulnerability in Apple Silicon processors allows attackers to extract secret keys from Mac computers.

Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while they perform widely used cryptographic operations. Notably, it is practically impossible to patch the flaw as it stems from the microarchitecture of the processor. Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys Researchers have discovered…

VirTool:Win32/DefenderTamperingRestore

VirTool:Win32/DefenderTamperingRestore stealthily infiltrates the system registry and disables protection.

VirTool:Win32/DefenderTamperingRestore is the name of the Microsoft Defender detection of a malicious element present in the system. Usually, it marks something that can weaken system security and make the device vulnerable to malware injection. Let’s find out how dangerous this is, and how to deal with it. Threats like VirTool are often the…

Hellminer.exe Coin Miner

Hellminer.exe is a process related to a malicious miner

Hellminer.exe is a process you can see in the Task Manager that indicates malicious software activity. It stands out by the high CPU load it creates, making the system much less responsive. Let’s figure out what this process is, and how to get rid of it. Hellminer malware has the potential to attack a…

STRRAT and Vcurms Malware Abuse GitHub for Spreading

Attackers are using GitHub as a source for the final payload

A new phishing campaign has recently been discovered that uses GitHub to deliver the Remote Access Trojans (RATs) STRRAT and Vcurms via a malicious Java downloader. ANY.RUN specialists have detected the active spread of these malicious programs and warn users against potential threats. Short About STRRAT and Vcurms STRRAT is a Java-based RAT, notorious for its…

Dragon Angel Malicious Browser Extension

Malicious extension Dragon Angel hijacks web browser

Dragon Angel is a browser extension that functions as hijacker malware. It redirects users to promoted search engines or websites. These redirects ruin the browsing experience and can lead to irrelevant or potentially harmful content or malware distribution. Dragon Angel Overview Dragon Angel is a malicious browser extension that can appear in Chrome…

Usermode Font Driver Host (fontdrvhost.exe)

Usermode Font Driver Host is a crucial system element that is sometimes prone to causing problems

The Usermode Font Driver Host process is an important part of the Windows operating system. It may raise questions among users due to its high consumption of resources such as CPU and memory. Let’s find out what this process is and whether you can do without it. What is Usermode Font Driver Host? The Usermode…

PUA:Win32/Vigua.A

Have you encountered PUA:Win32/Vigua.A detection? This guide explains what it is and what to do next.

PUA:Win32/Vigua.A is a universal detection name used by Microsoft Defender to detect potentially unwanted applications (PUAs). This is often associated with various system optimizers that have hidden functionality in addition to their stated functions. PUA:Win32/Vigua.A Overview PUA:Win32/Vigua.A is a generic detection associated with unwanted software positioned as a system optimizer. Usually, it falls under scareware…