CYBER45

Retro-computing fun for the nostalgic with first (and last) release to use Motif instead of GTK

Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT).

The list of identified packages, is below -


aes-decode-runner-pro (145 downloads)
postcss-minify-selector (256 downloads)
postcss-minify-selector-parser (615 downloads)

All the packages were published over the past month by an npm user named

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Bosses told to step up and get cybersecurity right

Microsoft has confirmed that Windows 11 version 26H2 will be the next feature update and that devices running Windows 11 24H2 and 25H2 will be able to upgrade using a small enablement package. [...]

Security firm SOCRadar says the large-scale FortiBleed campaign targeting Fortinet FortiGate devices used custom sniffers to harvest authentication secrets from compromised firewalls and steal credentials. [...]

A hacker could have "Rickrolled" the World Cup — or worse — thanks to FIFA's unenforced Entra access controls.

The threat actors engineered a Golang-based sniffer to target 430,000 FortiGate firewalls and identify 110 million credentials in the ongoing global campaign.

A previously undocumented malware botnet named AryStinger has compromised more than 4,000 outdated routers to turn them into proxies for malicious traffic. [...]