资讯

The Hacker News6 天

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded JavaScript payload, ...
The Hacker News2 天

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

The attack chain essentially involves breaking into misconfigured Docker APIs to execute a new container based on the Alpine ...

Hackers hide behind Tor in exposed Docker API breaches

A threat actor targeting exposed Docker APIs has updated its malicious tooling with more dangerous functionality that could ...
Security Boulevard3 天

APT37 Targets Windows with Rust Backdoor and Python Loader

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...
WinBuzzer4 天

VirusTotal’s AI Uncovers Year-Long Malware Campaign Hidden in SVG Files

VirusTotal has used its AI Code Insight tool to uncover a year-long malware campaign that hid within SVG files to evade ...
CSO Online11 小时

Docker malware breaks in through exposed APIs, then changes the locks

The new variant of Docker-targeting malware skips cryptomining in favor of persistence, backdoors, and even blocking rivals ...
Devdiscourse6 天

Prompt injection attacks push AI cybersecurity to the brink of major meltdown

The study offers a blueprint for effective defense. The researchers developed a multi-layered guardrail system that ...
Hackaday6 天

This Week In Security: DNS Oops, Novel C2s, And The Scam Becomes Real

Something rather significant happened on the Internet back in May, and it seems that someone only noticed it on September 3rd ...