Researchers have developed a computer worm that targets generative AI (GenAI) applications to potentially spread malware and steal personal data. The new paper details the worm dubbed “Morris II,” which targets GenAI ecosystems through the use of adversarial self-replicating prompts, leading to GenAI systems delivering payloads to other agents. Once unleashed, the worm is stored […]
Cybersecurity researchers at Proofpoint have uncovered a new tactic employed by cybercriminal threat actor TA577, shedding light on a lesser-seen objective in their operations. The group was found utilizing an attack chain aimed at stealing NT LAN Manager (NTLM) authentication information. This method could potentially be exploited for sensitive data gathering and facilitating further malicious […]
Cybersecurity researchers have identified new infrastructure likely used by the operators of the commercial spyware known as Predator in at least 11 countries. By analyzing the domains likely used to deliver the spyware, analysts at Recorded Future’s Insikt Group were able to spot potential Predator customers in Angola, Armenia, Botswana, Egypt, Indonesia, Kazakhstan, Mongolia, Oman, […]
Researchers found a zero-click Facebook account takeover Pierluigi Paganini February 29, 2024 A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as […]
Mar 01, 2024NewsroomLinux / Cyber Threat Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. “This latest version of Bifrost aims to bypass security measures and compromise targeted systems,” Palo Alto Networks Unit 42 researchers Anmol Maurya and Siddharth […]
Feb 29, 2024NewsroomThreat Intelligence / Cyber Threat Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to […]
Feb 27, 2024NewsroomSupply Chain Attack / Data Security Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks. “It’s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository […]
Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe. “The infection chains associated with these malware families feature the use of malicious […]
Security researchers have encountered a new cryptojacking campaign that uses a new piece of malware called Migo that targets Redis servers on Linux hosts. The campaign came to light after Cado Security researchers noticed new commands exploiting Redis systems in the wild. Initial access According to Cado security, Migo is distributed as a Golang ELF […]