Discord tokens are being targeted by malicious npm packages
Packages were removed before being extensively downloaded to target Discord users......»»
Discord leaker Jack Teixeira pleads guilty, seeks light 11-year sentence
Jack Teixeira avoids spy charges, reduces sentence from up to 60 years. Enlarge / This photo illustration created on April 13, 2023, shows the Discord logo and the suspect, national guardsman Jack Teixeira, reflected in an image.....»»
Securing software repositories leads to better OSS security
Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the p.....»»
GitHub push protection now on by default for public repositories
GitHub push protection – a security feature aimed at preventing secrets such as API keys or tokens getting accidentally leaked online – is being switched on by default for all public repositories. “This means that when a supported s.....»»
Pirate Sites With Malicious Ads Face Restrictions Under New Initiative
The Trustworthy Accountability Group aims to increase trust in the digital advertising industry, in part by limiting pirate sites' access to advertising. A new initiative will see the development of a new blocklist containing pirate site domains to b.....»»
Hugging Face, the GitHub of AI, hosted code that backdoored user devices
Malicious submissions have been a fact of life for code repositories. AI is no different. Enlarge (credit: Getty Images) Code uploaded to AI developer platform Hugging Face covertly installed backdoors and other types of.....»»
X quietly revived anti-misgendering policy that Musk dropped last year
GLAAD pushes to close loopholes allowing targeted misgendering of celebrities. Enlarge (credit: paul mansfield photography | Moment) Last April, Twitter quietly edited its abuse and harassment policy to no longer explici.....»»
ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack
The ALPHV/BlackCat ransomware group has claimed responsibility for the cyberattack that targeted Optum, a subsidiary of UnitedHealth Group (UHG), causing disruption to the Change Healthcare platform and affecting pharmacy transactions across the US......»»
SpaceX reschedules this week’s Crew-8 launch to the space station
NASA and SpaceX are making final preparations for Crew-8's flight to the International Space Station in a launch targeted for Saturday night......»»
GitHub besieged by millions of malicious repositories in ongoing attack
GitHub keeps removing malware-laced repositories, but thousands remain. Enlarge (credit: Getty Images) GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. Thes.....»»
Maybe, just maybe, Boeing’s Starliner will finally fly astronauts this spring
The first launch of astronauts on Boeing's Starliner capsule is targeted for April 22. Enlarge / Boeing's Starliner crew module for the upcoming Crew Flight Test was mated with the spacecraft's service module last year in Florida.....»»
Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warns
Six years on, routers remain a favorite post for concealing malicious activities. Enlarge (credit: Getty Images) The FBI and partners from 10 other countries are urging owners of Ubiquiti EdgeRouters to check their gear.....»»
Microbial comics: RNA as a common language, presented in extracellular speech-bubbles
Single-celled organisms, such as bacteria and archaea, have developed many ways to communicate with each other. For example, they might use tiny so-called extracellular vesicles (EVs)—membrane-enveloped packages smaller than 200 nm in diameter (0.0.....»»
Bitdefender Cryptomining Protection detects malicious cryptojacking attempts
Bitdefender announced Cryptomining Protection, a cryptomining management feature that allows users to both protect against malicious cryptojacking and manage their own legitimate cyptomining initiatives on their Windows PCs. According to a 2023 repor.....»»
How to watch SpaceX launch Crew-8 to the space station this week
NASA and SpaceX are making final preparations for Crew-8's flight to the International Space Station in a launch targeted for Thursday night......»»
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)
The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of malicious payloads. About ConnectWise ScreenConnect ConnectWise ScreenConnect.....»»
India’s plan to let 1998 digital trade deal expire may worsen chip shortage
Taxing exports of digital movies and games may not be worth sowing discord. Enlarge (credit: Narumon Bowonkitwanchai | Moment) India's plan to let a moratorium on imposing customs duties on cross-border digital e-commerc.....»»
Secure email gateways struggle to keep pace with sophisticated phishing campaigns
In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 million malicious emails bypassing their customers’ SEGs, signaling a 37% incr.....»»
What does a physicist see when looking at the NFT market?
The market for collectible digital assets, or non-fungible tokens, is an interesting example of a physical system with a large scale of complexity, non-trivial dynamics, and an original logic of financial transactions. At the Institute of Nuclear Phy.....»»
CRISPR/Cas9-mediated targeted mutagenesis of inulin biosynthesis in rubber dandelion
Researchers have leveraged the power of the CRISPR/Cas9 genome editing system to enhance natural rubber production in rubber dandelion (Taraxacum kok-saghyz). The CRISPR system's efficiency and precision offer a promising avenue to address challenges.....»»
A critical Shortcuts vulnerability was fixed in iOS 17.3
According to research performed by Bitdefender, prior to the iOS 17.3 update, a malicious Shortcut could capture sensitive data like photos and send it to an attacker.Apple's Shortcuts appShortcuts are built into iOS, iPadOS, and macOS to provide use.....»»