Discord tokens are being targeted by malicious npm packages
Packages were removed before being extensively downloaded to target Discord users......»»
Vercara UltraAPI offers protection against malicious bots and fraudulent activity
Vercara has launched UltraAPI, a product suite that protects APIs and web applications from malicious bots and fraudulent activity while ensuring regulatory compliance. Powered by Cequence Security, UltraAPI helps organizations protect applications an.....»»
How to appear offline on Discord on desktop and mobile
Would you prefer a little privacy but still want to keep using Discord? It's all about updating your status. Here's how to look like you're offline to others......»»
Justice Department indicts 7 accused in 14-year hack campaign by Chinese gov
Hacks allegedly targeted US officials and politicians, their spouses, and dozens of companies. The US Justice Department on Monday unsealed an indictment charging sev.....»»
This ‘unpatchable’ Mac flaw is keeping me up at night
A newly discovered vulnerability could leave Apple Silicon Macs wide open to malicious hacker attacks -- and it looks like the flaw can’t even be patched......»»
Scammers steal millions from FTX, BlockFi claimants
Customers of bankrupt crypto platform BlockFi have been targeted with a very convincing phishing email impersonating the platform, asking them to connect their wallet to complete the withdrawal of remaining funds. Judging by this Reddit thread, many.....»»
Scams are becoming more convincing and costly
Scams directly targeting consumers continue to increase in both complexity and volume, according to Visa. Consumers are increasingly targeted by scammers, who rely on heightened emotions to create fraud opportunities. While the number of individual s.....»»
Researchers devise new way to find proteins for targeted treatment of disease
Researchers at the University of Toronto and Sinai Health have created a new platform to identify proteins that can be co-opted to control the stability of other proteins—a new but largely unrealized approach to the treatment of disease......»»
US organizations targeted with emails delivering NetSupport RAT
Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection evasion method. The malware campaign The campaign, dubbed PhantomBlu, takes.....»»
Apple’s green bubbles targeted by DOJ in lawsuit over iPhone “monopoly”
RCS and green bubbles in iPhone-to-Android texts play role in Apple/DOJ battle. The US Department of Justice is angry about green message bubbles. Announcing today's antitrust la.....»»
Research reveals new starting points for the rapid and targeted development of future drugs
Many important medicines, such as antibiotics and anticancer drugs, are derived from natural products of bacteria. The enzyme complexes that produce these active ingredients have a modular design that makes them ideal tools for synthetic biology. By.....»»
API environments becoming hotspots for exploitation
A total of 29% of web attacks targeted APIs over 12 months (January through December 2023), indicating that APIs are a focus area for cybercriminals, according to Akamai. API integration amplifies risk exposure for enterprises APIs are at the heart o.....»»
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)
Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC.....»»
BSAM: Open-source methodology for Bluetooth security assessment
Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers demonstrated last week at RootedCON in Madrid. “Many.....»»
Study finds pronghorn population declining due to human development
Global species diversity is in decline almost everywhere, largely due to human-driven development and resource use. Typically, conservation efforts have targeted the most endangered species, which can lead to some tough choices on how to balance limi.....»»
Image-scraping Midjourney bans rival AI firm for scraping images
Midjourney pins blame for 24-hour outage on "bot-net like" activity from Stability AI employee......»»
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be exploited by unauthenticated, remote attackers to grab users’ valid SAML a.....»»
Immediate AI risks and tomorrow’s dangers
“At the most basic level, AI has given malicious attackers superpowers,” Mackenzie Jackson, developer and security advocate at GitGuardian, told the audience last week at Bsides Zagreb. These superpowers are most evident in the growing im.....»»
What makes a pathogen antibiotic-resistant?
Antimicrobial resistance is a story of constantly moving parts and players. With every new or tweaked antibiotic or antimicrobial drug, the targeted pathogens begin the evolutionary dance of acquiring resistance, prompting researchers to constantly d.....»»
Spotify comment on Apple’s $2B antitrust fine hints at possible malicious compliance
We noted yesterday that Spotify welcomed Apple being fined $2B for antitrust offences relating to streaming music services. The tone of the company’s response, however, strongly suggests that it believes the iPhone maker will repeat what some ha.....»»
Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes
A threat actor specializing in establishing initial access to target organizations’ computer systems and networks is using booby-trapped email attachments to steal employees’ NTLM hashes. Why are they after NTLM hashes? NT LAN Manager (NT.....»»