Tag Python

Fake Crypto Wallet Recovery Tools Discovered on PyPI Repository, Compromising User Data

A series of malicious packages has recently been discovered in the Python Package Index (PyPI), posing as cryptocurrency wallet recovery and management tools, only to engage in data theft and exploit valuable digital assets. Researchers from Checkmarx reported that these deceptive packages target users of major cryptocurrency wallets, including Atomic,…

Palo Alto Networks Issues Critical Patches for Exploited PAN-OS Vulnerability

Palo Alto Networks has issued urgent hotfixes in response to a critical security vulnerability affecting its PAN-OS software that is currently being exploited in live environments. This vulnerability, identified as CVE-2024-3400, has received the highest severity rating with a CVSS score of 10.0. It involves a command injection flaw within…

Malicious Python Package Conceals Sliver C2 Framework Within Counterfeit Requests Library Logo

Malicious Python Package Discovered Concealing Golang Command-and-Control Framework

Cybersecurity researchers have unveiled a nefarious Python package masquerading as an extension of the widely-used requests library. This malicious package, named requests-darwin-lite, has been found to hide a Golang variant of the Sliver command-and-control (C2) framework within an image file of the…

Hackers Deployed Rogue VMs to Avoid Detection in Recent MITRE Cyberattack

Cyber Attack on MITRE Corporation: Exploit of Zero-Day Vulnerabilities and Rogue Virtual Machines

In late December 2023, the MITRE Corporation became the target of a sophisticated cyber attack that leveraged zero-day vulnerabilities in Ivanti Connect Secure (ICS). The attackers, identified as a threat group with ties to China, were able…

New Ransomware-as-a-Service ‘Eldorado’ Aims at Windows and Linux Platforms

A new ransomware-as-a-service (RaaS) operation, known as Eldorado, has emerged with capabilities to lock files on both Windows and Linux platforms. This malware variant first surfaced on March 16, 2024, when its affiliate program was advertised on the infamous RAMP ransomware forum. The cybersecurity firm Group-IB, based in Singapore, has…

Lazarus Group Aims at Blockchain Professionals with Phony Video Conferencing and Job Scams

A recent report from Group-IB has drawn attention to the ongoing cyber campaign led by North Korea’s Lazarus Group, referred to as the “Eager Crypto Beavers” initiative. This group utilizes advanced strategies, including deceptive job postings and malicious video conferencing software, to spread malware effectively. The Lazarus Group, infamous for…

New Malware Campaign Targets Oracle WebLogic to Mine Cryptocurrency on Linux Systems

New Malware Campaign Targets Linux Servers for Cryptocurrency Mining

Recent discoveries by cybersecurity researchers have unveiled a new malware operation specifically designed to target Linux environments for illicit cryptocurrency mining and the deployment of botnet malware. This campaign notably focuses on the Oracle WebLogic server, aiming to distribute a malware…
