Over 100 Malicious AI/ML Models Found on Hugging Face Platform As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. These include instances where loading a pickle file leads to code execution, software supply chain security firm JFrog said. “The model’s payload grants Read more…
Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. “Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors Read more…
U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor. The decision, which marks a major Read more…
U.S. Charges Iranian Hacker, Offers $10 Million Reward for Capture The U.S. Department of Justice (DoJ) on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to Read more…
New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. “This latest version of Bifrost aims to bypass security measures and compromise targeted systems,” Read more…
New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster designed to primarily target mobile devices. “This kit enables attackers to build carbon copies of single sign-on (SSO) Read more…
4 Instructive Postmortems on Data Downtime and Loss More than a decade ago, the concept of the ‘blameless’ postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term during his tenure at Etsy, argued postmortems were all about controlling our natural reaction to an incident, which is Read more…
Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be Read more…
GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This means that when a supported secret is detected in any push to a public repository, you will have the Read more…
Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, Read more…