Compromised ultralytics PyPI package delivers crypto coinminer

On December 4, a malicious version 8.3.41 of the popular AI library ultralytics — which has almost 60 million downloads — was published to the Python Package Index (PyPI) package repository.

Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network

By strategically flooding the network with a high volume of junk transactions, adversaries can overwhelm the processing capacity of these nodes, hindering their ability to relay legitimate transactions.

Qlik Sense Users Face Serious Security Risk

These vulnerabilities, identified as CVE-2024-55579 and CVE-2024-55580, could allow unprivileged users with network access to compromise the server, potentially leading to remote code execution (RCE) and broken access control.

Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution.

Threat Actor Targets Manufacturing Industry With Lumma Stealer and Amadey Bot

This campaign leverages multiple Living-off-the-Land Binaries (LOLBins), such as ssh.exe, powershell.exe, and mshta.exe, to bypass traditional security mechanisms and remotely execute the next-stage payload.

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

Earth Minotaur uses the MOONSHINE exploit kit to deliver the DarkNimbus backdoor to Android and Windows devices, targeting WeChat, and possibly making it a cross-platform threat.

Black Basta Ransomware Campaign Drops Zbot, DarkGate, & Custom Malware

According to a detailed analysis by Rapid7, the threat actors have refined their techniques, introducing novel methods for gaining access and delivering malware, including Zbot, DarkGate, and custom-developed tools.

Crypto-Stealing Malware Posing as a Meeting App Targets Web3 Professionals

Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware.

Mitel MiCollab Zero-Day Flaw Gets Proof-of-Concept Exploit

Researchers released a PoC exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances.

DroidBot Android Trojan Found Targeting 77 Banks and Cryptocurrency Exchanges

"DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring," Cleafy researchers Simone Mattia, Alessandro Strino, and Federico Valentini said.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing, end-to-end automation and 360-degree threat response.