backdoor

Anti-Malware Security and Brute-Force Firewall, a popular security plugin for WordPress websites, is affected by a reflected cross-site scripting vulnerability whose exploitation would allow threat actors to compromise users withRead More →

A hacking group allegedly sponsored by the Chinese state is targeting organizations around the world in an espionage campaign active for at least half a year. Cicada, also known asRead More →

JFrog cybersecurity specialists are investigating a wave of malicious Node Package Manager (npm) packages deployed by an unidentified threat actor. This threat was first detected on March 21, with 200Read More →

This week, Wordfence research teams detected an increase in infected websites hosted on the WordPress service managed by web hosting firm GoDaddy, which includes MediaTemple, tsoHost, 123Reg, Domain Factory, HeartRead More →

The Lapsus$ hacking group is abusing stolen NVIDIA code signing certificates to inadvertently sign malware on vulnerable Windows deployments. This week, NVIDIA confirmed that it suffered a cyberattack that allowedRead More →

A recent report details the operation of a financial and electronic fraud operation deployed by a highly sophisticated and stealthy hacking group, capable of compromising bank transaction processing systems andRead More →

Cybersecurity specialists report that, for some years now, a hacker has been running malicious servers throughout the Tor network in what appears to be an attempt to deanonymize users ofRead More →

The team in charge of GoCD announced the fix of three vulnerabilities that could be exploited in a chained manner to take full control of the underlying server. These flawsRead More →

A security report notes that Command-Option-Argument (coa), the popular npm library, has been infiltrated with a malicious backdoor code, which could have severe consequences worldwide. This library is downloaded aboutRead More →