Security News

Cybersecurity researchers on Wednesday publicized the disruption of a "Clever" malvertising network targeting AnyDesk that delivered a weaponized installer of the remote desktop software via rogue Google ads that appeared in the search engine results pages. AnyDesk's remote desktop access solution has been downloaded by more than 300 million users worldwide, according to the company's website.

A malvertising operation observed last year by advertising cybersecurity company Confiant exploited what turned out to be a zero-day vulnerability in the WebKit browser engine. Confiant researchers discovered the security hole while analyzing a campaign carried out by a threat actor they call ScamClub.

A recently identified malvertising campaign targeting mobile and other connected devices users makes heavy use of obfuscation and cloaking to avoid detection. Dubbed LuckyBoy, the multi-stage, tag-based campaign is focused on iOS, Android, and Xbox users.

Cloud communications platform as a service company Twilio this week disclosed a security incident that resulted in hackers uploading a modified version of the TaskRouter JS SDK to its site. Designed to provide easy interaction with the Twilio TaskRouter, the SDK was hosted in an Amazon Web Services S3 bucket that was improperly secured, thus becoming accessible to the attackers.

Google has removed 500 Chrome extensions from its online store after researchers found that attackers were using them to steal browser data, according to a new report from security firm Duo Security. In a message to the researchers that it had removed the extensions, Google noted that it "Regularly sweeps to find extensions using similar techniques, code and behaviors and take down those extensions if they violate our policies."

An old piece of malware is storming the WordPress community, enabling its perpetrators to take control of sites and inject code of their choosing.

The eGobbler threat actor is back with a new malvertising campaign that has hijacked more than 1 billion sessions.

An ongoing attack on websites has added new exploits and an administrative backdoor to its bag of tricks.

The RIG exploit kit and Safari redirects are both in the adversaries' bag of tricks.

An ongoing malvertising campaign is exploiting WordPress plugin vulnerabilities to redirect website visitors to malicious pages.