Infosecurity News
Malicious PyPI Package Exposes Crypto Wallets to Infostealer Code
A malicious PyPI package “aiocpa,” that stole crypto wallet data via obfuscated code, has been removed after being reported by Reversing Labs researchers
GodLoader Malware Infects Thousands via Game Development Tools
A new cyber-attack technique uses Godot Engine to deploy undetectable malware via GodLoader, infecting more than 17,000 devices
Malicious Actors Exploit ProjectSend Critical Vulnerability
This vulnerability was patched in May 2024 but was only allocated a CVE in November after evidence of exploitation
Critical Vulnerabilities Discovered in Industrial Wireless Access Point
Customers of Advantech’s EKI-6333AC-2G industrial-grade wireless access point have been urged to update their devices to new firmware versions
Albanian Drug Smugglers Busted After Cops Decrypt Comms
European police have arrested 21 individuals linked to a violent Albanian gang after decrypting their Sky ECC communications
T-Mobile Claims Salt Typhoon Did Not Access Customer Data
The CSO of T-Mobile has clarified that no customer information was stolen by Chinese hacking group Salt Typhoon
Attack Group APT-C-60 Targets Japan Using Trusted Platforms
APT-C-60 targets Japan with phishing emails, using job application ruse and malware via Google Drive
New Bootkit “Bootkitty” Targets Linux Systems via UEFI
Bootkitty, the first Linux-targeting UEFI bootkit, bypassed kernel security in a proof-of-concept attack
New EU Commission to Unveil Healthcare Cybersecurity Plan in First 100 Days
One of the priorities of the newly-approved Von der Leyen Commission II will be to strengthen the healthcare sector’s cyber resilience
Pro-Russian Hacktivists Launch Branded Ransomware Operations
A pro-Russian hacktivist collective, CyberVolk, has launched its own ransomware-as-a-service operations, SentinelLabs has found
Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows
Russia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks
Nuclear Decommissioning Authority Opens Sellafield Cyber Center
The UK’s Nuclear Decommissioning Authority has opened a new hub dedicated to cybersecurity knowledge sharing
Operation Serengeti Disrupts $193m African Cybercrime Networks
The Interpol-led Operation Serengeti has resulted in the arrest of 1000 suspects across Africa
New DDoS Campaign Exploits IoT Devices and Server Misconfigurations
DDoS campaign by Matrix targets IoT devices and servers, exploiting weak credentials and public scripts
NHS Trust Declares Major Incident for “Cybersecurity Reasons”
Wirral University Teaching Hospital has cancelled outpatient appointments as it responds to a cybersecurity incident
Darknet Services Fuel Holiday Scams and E-Commerce Exploits
Cybercriminals are ramping up scams via darknet marketplaces, selling phishing kits for $100-$1000
Aggressive Chinese APT Group Targets Governments with New Backdoors
A Trend Micro analysis of Earth Estries found that the Chinese threat actor is using new backdoors to avoid detection during espionage operations
Starbucks and Grocery Stores Face Disruption after Ransomware Attack on Blue Yonder
Supply chain management provider Blue Yonder confirmed it was hit by ransomware attack
Over a Third of Firms Struggling With Shadow AI
Some 35% of global organizations report challenges monitoring use of non-approved AI tools
UK Scam Losses Surge 50% Annually to £11.4bn
Cifas figures reveal scammers stole over £11bn from UK consumers in the past 12 months