Avast – Avast – We have found a new targeted attack against a small, lesser-known U.S. federal government commission associated with international rights. Despite repeated attempts through multiple channels over…
Tag: Python
Malicious PyPI Code Packages Rack Up Thousands of Downloads
The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. Three malicious packages hosted in the Python Package Index (PyPI) code repository have…
SMA 100 flaws in SonicWall VPN expose devices to remote takeover
If exploited, an unauthenticated, remote attacker can execute code as a “nobody user” in the device meaning attacker would get root access and gain full control of the device. SonicWall,…
Malicious npm Code Packages Built for Hijacking Discord Servers
The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm)…
Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances. Critical security vulnerabilities in SonicWall’s Secure Mobile Access (SMA) 100-series VPN appliances could allow an unauthenticated, remote user to…
‘Printjack’ Printer Attacks Pose a Serious Threat, Researchers Warn
A group of Italian cybersecurity researchers has put together a set of three attacks known as ‘Printjack,’ alerting people of the serious risks of trusting their printer too much. According…