GitHub Vulnerability Exploited in the Wild, CISA Notifies
GitLab has a critical vulnerability that affects all authentication mechanisms. Without two-factor authentication, users are at significant risk. The vulnerability is currently fixed, and users are recommended to update to…
Adaware Web Companion
Web Companion is an unwanted program that works as a web protection tool. It appears unexpectedly, after the installation of a different program, and tries to make the user pay for…
PUA:Win32/MyWebSearch
PUA:Win32/MyWebSearch is a Microsoft Defender detection that refers to an unwanted browser modifier. This application adds add-ons and toolbars that in fact take control of the web browser, redirecting search…
New Red Ransomware Group Discovered
In March 2024, threat analysts detected a new ransomware group, called Red Ransomware. The group, which began its activities during the waning days of prominent groups such as Lockbit and…
GuptiMiner Uses eScan to Spread Miners and Backdoors
A recent report by Avast researchers identified an old-timer malware called GuptiMiner. It uses the eScan antivirus update mechanism to stealthily inject backdoors and cryptocurrency mining programs into users' computer…
Infostealers Made With Electron On The Rise
AhnLab Security Intelligence Center (ASEC) has identified a new strain of Infostealer malware created using the Electron framework. These apps are packaged in NSIS installer format, which the attacker used…
GitHub and GitLab CDNs Abused to Spread Malware
Recent research around new spreading approaches of one stealer malware family revealed a new way to abuse GitHub. Instead of creating repositories that contain malware files, hackers push the files…
Broom Cleaner App (Virus Removal)
Broom Cleaner is an unwanted program that at first glance seems to be a safe tool for cleaning and optimizing your computer. However, in reality, once installed, it performs unwanted…
OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes
The Microsoft security blog reports that the OpenMetadata platform has critical vulnerabilities that allow attackers to exploit Kubernetes workloads for crypto mining. Five vulnerabilities allow attackers to bypass authentication and execute…
MITRE NERVE Hacked, Service Taken Offline
MITRE reports hacker activity in its NERVE network, spotted in April 2024. Upon detecting the suspicious activity, the organization took the affected service offline and started the investigation. The…
LabHost Phishing Service Taken Down by Police
Authorities have seized the LabHost phishing service, accused of stealing personal information from victims worldwide. This service specialized in creating fake websites to harvest user data illegally. However, law enforcement…
Cisco Talos Warns of a Massive Brute Force Wave
The Cisco Talos security team has released information about a new campaign of attackers targeting mass account compromise. Specialists have recorded countless login attempts to gain unauthorized access to web…