A member of Silk Typhoon, Xu Zewei is accused of launching cyberattacks against universities in the US.
The post Alleged Chinese State Hacker Extradited to US appeared first on SecurityWeek.
Source:: securityweek
The Mini Shai-Hulud attack introduced a preinstall hook to fetch and execute a Bun binary and bypass security monitoring.
The post SAP NPM Packages Targeted in Supply Chain Attack appeared first on SecurityWeek.
Source:: securityweek
The hackers exfiltrated the data from Checkmarx’s GitHub environment on March 30, a week after publishing malicious code.
The post Checkmarx Confirms Data Stolen in Supply Chain Attack appeared first on SecurityWeek.
Source:: securityweek
Itron, which serves utilities and cities around the world, discovered unauthorized access to its systems on April 13.
The post Energy and Water Management Firm Itron Hacked appeared first on SecurityWeek.
Source:: securityweek
Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors.
The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek.
Source:: securityweek
The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries.
The post Incomplete Windows Patch Opens Door to Zero-Click Attacks appeared first on SecurityWeek.
Source:: securityweek
A fake RPC server can be used to listen for RPC requests and impersonate the target service to elevate privileges to System.
The post No Patch for New PhantomRPC Privilege Escalation Technique in Windows appeared first on SecurityWeek.
Source:: securityweek
The majority of universities have either adopted AI or intend to soon.
Source:: Security magazin
The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access.
The post UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware appeared first on SecurityWeek.
Source:: securityweek