GitHub has resolved numerous vulnerabilities in Node.js packages tar and @npmcli/arborist, with the worst allowing file overwrites and arbitrary code …
Pro-Chinese government propaganda campaign spurs on COVID-19 protests in the US
Researchers are tracking a campaign that is both promoting the Chinese government and encouraging real-world protests surrounding the COVID-19 pandemic …
Cyberattackers are now quietly selling off their victim’s internet bandwidth
Cyberattackers are now targeting their victim’s internet connection to quietly generate illicit revenue following a malware infection. On Tuesday, researchers …
Apple slams the brakes on plans to scan user images for child abuse content
Apple has paused plans to scan devices for child abuse and exploitation material after the tool prompted concern among users …
Scam artists are recruiting English speakers for business email campaigns
Native English speakers are being recruited in their droves by criminals trying to make Business Email Compromise (BEC) more effective. …
BitConnect director pleads guilty to role in $2 billion cryptocurrency fraud
One of the directors involved in the BitConnect cryptocurrency Ponzi scheme has pleaded guilty to his role in the conspiracy. …
FTC orders SpyFone to delete all of its surveillance data
The US Federal Trade Commission (FTC) has ordered the developer of the SpyFone spyware app to delete all data that …
Cream Finance platform pilfered for over $34 million in cryptocurrency
Cream Finance has lost over $34 million in cryptocurrency after a cyberattacker exploited a vulnerability in the project’s market system. …
This is why the Mozi botnet will linger on
It has been two years since the emergency of Mozi, and despite the arrest of its alleged author, the botnet …
Initial Access Broker use, stolen account sales spike in cloud service cyberattacks
There is rising demand for the services of Initial Access Brokers (IABs) and access credentials in cloud-based cyberattacks. On Tuesday, …