• North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin

    Japanese and U.S. authorities have formally attributed the theft of cryptocurrency worth $308 million from cryptocurrency company DMM Bitcoin in May 2024 to North Korean cyber actors. “The theft is affiliated with TraderTraitor threat activity, which is also tracked as Jade Sleet, UNC4899, and Slow Pisces,” the agencies said. “TraderTraitor activity is often characterized by…

  • Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations

    Italy’s data protection authority has fined ChatGPT maker OpenAI €15 million ($15.66 million) over how the generative artificial intelligence application handles personal data. The fine comes nearly a year after the Garante found that ChatGPT processed users’ information to train its service in violation of the European Union’s General Data Protection Regulation…

  • LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages

    A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024. Rostislav Panev, 51, was arrested in Israel earlier this August and is currently awaiting extradition, the U.S. Department…

  • Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

    The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular…

  • Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

    The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of both libraries have been unpublished from the npm…

  • Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

    Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list…

  • HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft

    Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims’ Microsoft Azure cloud infrastructure. The campaign has been codenamed HubPhish by Palo Alto Networks Unit 42 owing to the abuse of HubSpot tools in the attack chain. Targets include…

  • Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected

    Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities with another critical bug the project maintainers addressed in December 2023…

  • Not Your Old ActiveState: Introducing our End-to-End OS Platform

    Having been at ActiveState for nearly eight years, I’ve seen many iterations of our product. However, one thing has stayed true over the years: Our commitment to the open source community and companies using open source in their code. ActiveState has been helping enterprises manage open source for over a decade. In the early days,…

  • APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP

    The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files. The activity, which has targeted governments and armed forces, think tanks, academic researchers, and Ukrainian entities, entails adopting a “rogue RDP” technique that was previously
