Bogus npm Packages Used to Trick Software Developers into Installing Malware

Bogus npm Packages Used to Trick Software Developers into Installing Malware

Bogus npm Packages Used to Trick Software Developers into Installing Malware An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick them into downloading a Python backdoor. Cybersecurity firm Securonix is tracking the activity under the name DEV#POPPER, linking it to North Korean Read more…

Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages

Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages

Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages Cybersecurity researchers have found that it’s possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system. “While ‘command-not-found’ serves as a convenient tool for suggesting installations Read more…

Malicious Google Ads Trick WinSCP Users into Installing Malware

Malicious Google Ads Trick WinSCP Users into Installing Malware

Malicious Google Ads Trick WinSCP Users into Installing Malware î ‚Nov 17, 2023î „NewsroomMalvertising / Malware Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity Read more…