Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs. The packages, named Read more…
‘LLM hijacking’ of cloud infrastructure uncovered by researchers “LLM hijacking” of cloud infrastructure for generative AI has been leveraged by attackers to run rogue chatbot services at the expense of victims, Permiso researchers reported Thursday. Attacks on Amazon Bedrock environments, which support access to foundational large language models (LLMs) such Read more…
Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft). Attacks on session cookies now Read more…
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim’s network traffic by just being on the same local network. The “decloaking” method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6). It impacts Read more…
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike Cybersecurity researchers have discovered an ongoing attack campaign that’s leveraging phishing emails to deliver malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software. “SSLoad is designed to stealthily infiltrate systems, gather sensitive Read more…
New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking Details have emerged about a vulnerability impacting the “wall” command of the util-linux package that could be potentially exploited by a bad actor to leak a user’s password or alter the clipboard on certain Linux distributions. The bug, Read more…
AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims’ sessions and achieve remote code Read more…
Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20 and 40, are said to be part of an Read more…
Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described Read more…
Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on Read more…