Microsoft18h
Storm-2372 conducts device code phishing campaign
Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we ...
The Hacker News19h
New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image ( AMI) with a specific name to gain code execution ...
The Hacker News19h
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant ...
What is device code phishing, and why are Russian spies so successful at it?
Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hijack ...
Open source code repository says ‘far-right forces’ are behind massive spam attacks
Codeberg says abusive spam emails sent to its users are the result of a far-right hate campaign.
Critical PostgreSQL bug tied to zero-day attack on US Treasury
The vulnerability in the PostgreSQL interactive tool (psql) can lead to arbitrary code execution (ACE) and there is also a ...