Discord tokens are being targeted by malicious npm packages
Packages were removed before being extensively downloaded to target Discord users......»»
Qwiet AI releases a suite of targeted AppSec and DevSecOps services
Qwiet AI has released a suite of targeted AppSec and DevSecOps services that help companies address their security function needs without sacrificing time and budget. “We often hear of the notion of doing more with less. However, in today’.....»»
Report: Discord admin who leaked military docs ID’d as National Guard airman [Updated]
FBI agents arrested Jack Teixeira "without incident" Thursday afternoon, report says. Enlarge (credit: SOPA Images / Contributor | LightRocket) [Update: On Thursday afternoon, Federal Bureau of Investigation agents arre.....»»
Google delivers secure open source software packages
Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev API, which provides access to security metadata for 50+ million open source p.....»»
The new weakest link in the cybersecurity chain
It used to be that people were the greatest cybersecurity vulnerability, but this is no longer true. The rise of the internet made people more connected than ever. Attackers capitalized on that fact and targeted employees directly to gain access to a.....»»
Binarly Transparency Platform identifies vulnerabilities and malicious threats in code
Binarly has released the Binarly Transparency Platform, delivering transparency for device supply chains enabling device manufacturers and endpoint protection products to analyze both firmware and hardware to identify vulnerabilities, misconfiguratio.....»»
FBI warns consumers not to use public phone charging stations
The FBI is warning consumers against using public phone charging stations in order to avoid exposing their devices to malicious software......»»
Report reveals details about iOS 14 exploit, spyware, and the mysterious group behind it
Researchers at the Citizen Lab from the University of Toronto’s Munk School have published a new report explaining how a zero-click exploit of iPhone software was possible and who was targeted. We first learned about the exploit and the mysteriou.....»»
Don"t recharge your iPhone using public USB ports, FBI warns
The FBI has again warned the public against using public USB ports to recharge an iPhone, with "juice jacking" attacks infecting mobile devices connected to the ports.An iPhone's Lightning portMany people will be familiar with malicious apps and onli.....»»
Pesticides detected in pollen and nectar may pose a long-term hazard for pollinators
Pesticides have been detected in flowers not targeted with the chemicals that could be an additional, underestimated threat to pollinators according to new findings by Trinity and DCU, published in the Science of the Total Environment......»»
Flood of malicious packages results in NPM registry DoS
Attackers are exploiting the good reputation and “openness” of the popular public JavaScript software registry NPM to deliver malware and scams, but are also simultaneously and inadvertently launching DoS attacks against the service. Mali.....»»
eFile tax website served malware to visitors for weeks
Just in time for tax season, the IRS-authorized eFile website prompted users to install a Windows botnet trojan through April 1.eFile.com was serving malwareWindows users that used eFile.com may have been exposed to a malicious JavaScript file prompt.....»»
Ford confirms all three EVs, plug-in hybrids eligible for U.S. subsidy packages
The company's Mustang Mach-E electric SUV will be eligible for a $3,750 credit and the F-150 Lightning pickup truck will be eligible for a $7,500 credit......»»
Academic researchers blast Twitter"s data paywall as "outrageously expensive"
After Twitter announced in February it would begin charging third parties to access its platform data, academic researchers warned that the vaguely worded plan could threaten important studies about how misinformation, harassment and other malicious.....»»
2023 BMW M2 First Drive: Cut-Copy-Paste Performance
Good things come in small packages, and the new 2023 M3 proves that size definitely isn't everything - especially with 453 horsepower going to your rear wheels......»»
3CX knew its app was flagged as malicious but took no action for 7 days
"It's not exactly our place to comment on it," 3CX rep says of malicious detection. Enlarge The support team for 3CX, the VoIP/PBX software provider with more than 600,000 customers and 12 million daily users, was aware.....»»
ReasonLabs Dark Web Monitoring identifies malicious online activity
ReasonLabs has launched a Dark Web Monitoring feature to its RAV Online Security solution, a web extension that provides real-time, 24/7 protection against a range of malicious online activity. The Dark Web Monitoring feature scans tens of thousands.....»»
3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began warning on Wednesday. What is 3CX? 3CX is Voice over Internet Protocol (VoIP.....»»
3CX knew its app was flagged as malicious, but took no action for 7 days
"It's not exactly our place to comment on it," 3CX rep says of malicious detection. Enlarge The support team for 3CX, the VoIP/PBX software provider with more than 600,000 customers and 12 million daily users, was aware.....»»
YouTube "crypto influencers" shown to have short-term impact on small-cap trading
The price and trading volume of lower value crypto coins and tokens are being impacted by "crypto influencers" on YouTube, but only in the very short-term, according to a study involving the Center for Finance, Technology and Society at Nottingham Bu.....»»
This worrying security flaw might let hackers hijack your Wi-Fi
There is a flaw in how routers handle network frames, allowing threat actors to inject malicious code and steal data......»»