Experts Discover Multiple Malicious npm Packages | Cyware Alerts – Hacker News
The world of open-source software offers countless benefits to developers worldwide. However, with opportunities also come risks. The FortiGuard Labs team recently uncovered numerous malicious packages within npm, the most extensive software registry for JavaScript. This article delves deep into these packages, unveiling […]
Oct 03, 2023 | THN | Artificial Intelligence / Cyber Threat
Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models that could be chained to achieve remote code execution on affected systems. Israel-based runtime application security company Oligo, which made the discovery, has coined the vulnerabilities ShellTorch. “These vulnerabilities […]
What is OFDMA (orthogonal frequency-division multiple access)?
Orthogonal frequency-division multiple access (OFDMA) is a technology of Wi-Fi 6 (802.11ax) that lets access points serve multiple clients at the same time. OFDMA follows a set of rules created for the transmission of data between multiple terminals or clients over a transmission medium. The terminal could be […]
The FBI is warning organizations of new trends in ransomware attacks, where victims are targeted by multiple file-encrypting malware families or with wipers. As part of this trend, which was observed in July 2023, the FBI notes in a new private industry notification, threat actors deploy two ransomware variants in close date proximity to one […]
Caesars Entertainment is facing multiple class action lawsuits from hotel guests alleging the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack. Caesars disclosed earlier this month that its guest rewards database was stolen after hackers launched an attack against an IT support vendor. Security researchers say […]
ShadowSyndicate is believed to be an initial access broker (IAB) or an affiliate working with multiple ransomware operations, including Quantum, Nokoyawa, BlackCat/ALPHV, Clop, Royal, Cactus, and Play, based on evidence found by researchers.
An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. “While this activity occurred around the same time and in some instances even simultaneously on the same victims’ machines, each cluster is characterized by distinct tools, modus operandi, and […]
Fortinet has released patches for a high-severity cross-site scripting (XSS) vulnerability impacting multiple FortiOS and FortiProxy versions. Tracked as CVE-2023-29183 (CVSS score of 7.3), the security defect is described as an “improper neutralization of input during web page generation”. Successful exploitation of the bug, Fortinet explains in an advisory, may allow an authenticated attacker to […]
Multiple prominent government ministries in Colombia are responding to a ransomware attack that is forcing officials to make significant operational changes. This week, the Ministry of Health and Social Protection, the country’s Judiciary Branch and the Superintendency of Industry and Commerce announced that a cyberattack on technology provider IFX Networks Colombia had caused a range […]