#Tag
🇧🇷 New malware leverages WhatsApp to target Brazilian government and businesses
“Interestingly, the phishing message that contains the malicious file attachment requires users to open it on a desktop, suggesting that threat actors might be more interested in targeting enterprises rather than consumers,”
🇧🇷 New malware leverages WhatsApp to target Brazilian government and businesses
“Interestingly, the phishing message that contains the malicious file attachment requires users to open it on a desktop, suggesting that threat actors might be more interested in targeting enterprises rather than consumers,”
Novo ciberataque “Shai-Hulud” propaga-se como um verme e compromete 187 pacotes npm
🔗 https://tugatech.com.pt/t71903-novo-ciberataque-shai-hulud-propaga-se-como-um-verme-e-compromete-187-pacotes-npm
#API #ataque #cascata #CD #CI #ciberataque #Github #google #javascript #linkedin #malware #npm #phishing #riscos #segurança #servidor #software
There is an on-going malware attack targeting users of GitHub Desktop by buying ads on search engines that link to a committed Readme files on the GitHub Desktop repo with links to malicious versions of the app. This attack is on-going. I just found another attempt from a few days ago.
I found an Ad of the same kind on Duck Duck Go, so it's not just Google.
The details of the attack are described in detail in this article.
There is an on-going malware attack targeting users of GitHub Desktop by buying ads on search engines that link to a committed Readme files on the GitHub Desktop repo with links to malicious versions of the app. This attack is on-going. I just found another attempt from a few days ago.
I found an Ad of the same kind on Duck Duck Go, so it's not just Google.
The details of the attack are described in detail in this article.
BleepingComputer: AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack
BleepingComputer: AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack
https://www.threatfabric.com/blogs/android-droppers-the-silent-gatekeepers-of-malware
Kicking off a 4-part deep dive into AFD.sys on Windows 11: crafting a raw TCP socket, performing the TCP handshake, sending & receiving TCP packets - everything without Winsock.
Part 1: https://leftarcode.com/posts/afd-reverse-engineering-part1/
Part 2: https://leftarcode.com/posts/afd-reverse-engineering-part2/
Part 3: https://leftarcode.com/posts/afd-reverse-engineering-part3/
Part 4: https://leftarcode.com/posts/afd-reverse-engineering-part4/
Kicking off a 4-part deep dive into AFD.sys on Windows 11: crafting a raw TCP socket, performing the TCP handshake, sending & receiving TCP packets - everything without Winsock.
Part 1: https://leftarcode.com/posts/afd-reverse-engineering-part1/
Part 2: https://leftarcode.com/posts/afd-reverse-engineering-part2/
Part 3: https://leftarcode.com/posts/afd-reverse-engineering-part3/
Part 4: https://leftarcode.com/posts/afd-reverse-engineering-part4/
REMINDER:
everything created by #techbros should be treated as #malware. i would treat the so-called open source version of the not-so Open AI as a classic trojan, wooden horse and otherwise :
https://arstechnica.com/ai/2025/08/openai-releases-its-first-open-source-models-since-2019/
REMINDER:
everything created by #techbros should be treated as #malware. i would treat the so-called open source version of the not-so Open AI as a classic trojan, wooden horse and otherwise :
https://arstechnica.com/ai/2025/08/openai-releases-its-first-open-source-models-since-2019/
AquaSec deckte jetzt eine üble Malware für Linux auf, wobei verseuchte Bilddateien den Angriffsvektor beinhalten: Koske verbreitet sich - aktuell - über präparierte Pandabärbilder, die ein Script in C mit der unangenehmen Payload mitbringen. Offensichtlich half ein LLM bei der Entwicklung der Malware. Schöne, neue KI-Welt.
https://www.aquasec.com/blog/ai-generated-malware-in-panda-image-hides-persistent-linux-threat/
AquaSec deckte jetzt eine üble Malware für Linux auf, wobei verseuchte Bilddateien den Angriffsvektor beinhalten: Koske verbreitet sich - aktuell - über präparierte Pandabärbilder, die ein Script in C mit der unangenehmen Payload mitbringen. Offensichtlich half ein LLM bei der Entwicklung der Malware. Schöne, neue KI-Welt.
https://www.aquasec.com/blog/ai-generated-malware-in-panda-image-hides-persistent-linux-threat/
🚨 Malware Found in Official GravityForms Plugin Indicating Supply Chain Breach - Patchstack
https://patchstack.com/articles/critical-malware-found-in-gravityforms-official-plugin-site/
Mexiko: Untersuchung wegen mutmaßlicher Schmiergeldzahlung beim Kauf von Pegasus
Beim Kauf der Spionagesoftware Pegasus soll Mexikos Ex-Präsident Enrique Peña Nieto Schmiergeld kassiert haben. Die Staatsanwaltschaft leitet Ermittlungen ein.
Mexiko: Untersuchung wegen mutmaßlicher Schmiergeldzahlung beim Kauf von Pegasus
Beim Kauf der Spionagesoftware Pegasus soll Mexikos Ex-Präsident Enrique Peña Nieto Schmiergeld kassiert haben. Die Staatsanwaltschaft leitet Ermittlungen ein.
A space for Bonfire maintainers and contributors to communicate
