Security News

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan
2024-12-05 07:30

The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the...

Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library
2024-12-04 09:48

Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users'...

Hackers exploit ProjectSend flaw to backdoor exposed servers
2024-11-27 21:00

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. [...]

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
2024-11-26 10:00

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows...

Salt Typhoon hackers backdoor telcos with new GhostSpider malware
2024-11-25 16:12

The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers. [...]

Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified
2024-11-24 09:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have compromised around...

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
2024-11-21 15:50

The China-aligned advanced persistent threat (APT) actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and...

Researchers unearth two previously unknown Linux backdoors
2024-11-21 09:59

ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets...

Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor
2024-10-22 09:33

Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via...

Intel hits back at China's accusations it bakes in NSA backdoors
2024-10-18 05:32

Chipzilla says it obeys the law wherever it is, which is nice Intel has responded to Chinese claims that its chips include security backdoors at the direction of America's NSA.…