Daily Cybersecurity Roundup, December 19, 2024

Threat actors are sharpening their focus on developers, cryptocurrency projects, and unsuspecting corporate users, leveraging creative and deceptive methods to achieve their goals. Malicious VSCode extensions posing as productivity tools have been discovered targeting developers and cryptocurrency projects. The BADBOX botnet, previously thought to be dismantled, has resurfaced, infecting over 192,000 Android-based devices globally, expanding its reach to high-end smart TVs and smartphones. Zimperium uncovered a phishing campaign exploiting a DocuSign impersonation scheme to harvest corporate credentials. Read on for more.

01

Malicious VSCode extensions targeting developers and cryptocurrency projects were discovered on the VSCode marketplace and NPM. The extensions were disguised as productivity tools and targeted cryptocurrency investors.

02

The BADBOX botnet, previously believed to have been dismantled, has re-emerged and expanded to compromise over 192,000 Android-based devices globally.

03

Juniper Networks routers with default passwords are being targeted in a botnet infection campaign, with the Mirai malware infecting systems and launching DDoS attacks.

04

CERT-UA reported that a threat actor named UAC-0125 is using the Cloudflare Workers service to deceive military personnel into downloading malware disguised as Army+.

05

Fortinet has issued urgent advisories about serious vulnerabilities in its products, including FortiClient VPN, FortiManager, and FortiWLM. A critical flaw in FortiWLM (CVE-2023-34990) permits unauthorized access to sensitive files.

06

The latest NodeStealer malware variant has evolved into a Python-based threat, enabling it to steal credit card details, browser-stored data, and target Facebook Ads Manager accounts.

07

Zimperium observed a recent phishing campaign that used a DocuSign impersonation scheme to harvest corporate credentials, employing advanced evasion techniques, mobile-specific targeting, and a newly created infrastructure to evade detection.

08

The Exploit Prediction Scoring System (EPSS) model, developed by FIRST, has been shown to be vulnerable to AI-powered adversarial attacks, potentially misleading organizations relying on its scores for vulnerability management.

09

A new report by SlashNext noted a 202% surge in overall phishing messages, with a 703% increase in credential phishing attacks, in H2 2024.

10

Risk intelligence platform Bureau raised $30 million in a Series B funding round led by Sorenson Capital, with participation from PayPal Ventures and previous investors.