News

Dems demand audit of CVE program as Federal funding remains uncertain
Infosec In Brief A pair of Congressional Democrats have demanded a review of the Common Vulnerabilities and Exposures (CVE) ...
Cryptopolitan2d
Discord invite link being used to deliver malware targeting crypto wallets
The new malware exploits a weakness in Discord’s invitation system to deliver an information stealer known as Skuld and the ...
The Hacker News2d
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
The fact that payload delivery and data exfiltration occur via trusted cloud services such as GitHub, Bitbucket, Pastebin, ...
Discord flaw lets hackers reuse expired invites in malware campaign
Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access ...
TechJuice5d
Rust‑Based Myth Stealer Malware Spreads via Fake Gaming Sites
A new Rust‑ based info‑stealer called Myth Stealer spreads via fake gaming sites, targeting Chrome and Firefox credentials with loaders.
More than a hundred backdoored malware repos traced to single GitHub user
Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting ...
Misspelled a site's name? Cybercriminals are exploiting this to infect your computer with malware - here's how to stay safe
A single typo could let hackers hijack your system using malware hidden in fake packages Cross-platform malware now fools ...
Infosecurity Magazine13d
Fake Docusign Pages Deliver Multi-Stage NetSupport RAT Malware
A new malware campaign using fake DocuSign verification pages to deploy the NetSupport Remote Access Trojan (RAT) has been ...
The Hacker News13d
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and ...
WinBuzzer13d
AI Attacks AI: Open WebUI Interface Used By Popular AI Chatbots Breached by Malware
Attackers are exploiting misconfigured Open WebUI, a web-based interface for AI models with AI-generated malware.
CoinTelegraph24d
Hackers using fake Ledger Live app to steal seed phrases and drain crypto
Moonlock has been tracking malware that's distributing a malicious clone of Ledger Live since August, with at least four active campaigns ... Ledger secures Discord after hacker bot tried to ...