Experts in cybersecurity have uncovered the mechanics behind a cryptocurrency stealer malware distributed through 13 malignant NuGet packages. This supply chain attack targeted .NET developers and employed a sophisticated typosquatting campaign. Impersonating legitimate packages, the attackers executed PowerShell code to obtain a secondary binary from a pre-programmed server. The two-stage assault led to the deployment of a

MSI, the Taiwanese PC company, has officially confirmed that it was the victim of a cyber attack on its systems. The company promptly initiated incident response and recovery measures after detecting network anomalies and alerted law enforcement agencies. However, MSI did not disclose any specifics about the attack or whether any proprietary information, including source

cybersecurity experts have unveiled a previously unknown and highly sophisticated ransomware variant, Rorschach, which is both advanced and swift. Rorschach ransomware distinguishes itself from other strains with its exceptional customization and unique technical features not previously seen in ransomware, according to a report by Check Point Research. In fact, Rorschach is considered one of the

Actively exploited by unidentified cybercriminals, a recently patched security vulnerability is found within the WordPress Elementor Pro website builder plugin. Affecting versions 3.11.6 and earlier, this broken access control flaw was resolved by the plugin developers in the 3.11.7 version, released on March 22. In the release notes, the Tel Aviv-based company mentioned, “Improved code security enforcement

A newly identified North Korean cyber group, APT43, has been linked to multiple campaigns aimed at gathering strategic intelligence in line with Pyongyang’s geopolitical interests since 2018. Tracked by Google-owned Mandiant, APT43’s objectives include both espionage and financial motives, employing methods such as credential harvesting and social engineering to achieve its goals. APT43 attempts to generate

A new campaign targeting poorly managed Linux SSH servers has been identified, deploying various strains of malware called ShellBot. The AhnLab Security Emergency Response Center (ASEC) reported that ShellBot, also known as PerlBot, is a DDoS bot malware developed in Perl, which typically uses the IRC protocol for communication with its C&C server. According to

Mandiant, the threat intelligence firm, has linked the zero-day exploitation of a medium-severity security flaw in the Fortinet FortiOS operating system to a suspected Chinese hacking group. The attack is part of a broader campaign to deploy backdoors onto Fortinet and VMware solutions and maintain persistent access to victim environments. Mandiant is tracking the malicious