Security News

Bitwarden's FOSS halo slips as new SDK requirement locks down freedoms
2024-10-24 11:36

Arguments continue but change suggests it's not Free Software anymore The Bitwarden online credentials storage service is changing its build requirements – which some commentators feel mean it's...

Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
2024-10-07 09:30

A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible...

ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware’s Prevalence
2023-12-22 22:47

Cybersecurity company ESET released its H2 2023 threat report, and we're highlighting three particularly interesting topics in it: the abuse of the ChatGPT name by cybercriminals, the rise of the Lumma Stealer malware and the Android SpinOk SDK spyware. In the second half of 2023, ESET has blocked 650,000 attempts to access malicious domains whose names include "Chatgpt" or similar string in an apparent reference to the ChatGPT chatbot.

16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks
2023-08-11 05:20

A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology environments. "Exploitation of the discovered vulnerabilities, which affect all versions of CODESYS V3 prior to version 3.5.19.0, could put operational technology infrastructure at risk of attacks, such as remote code execution and denial-of-service," Vladimir Tokarev of the Microsoft Threat Intelligence Community said in a report.

Tython: Open-source Security as Code framework and SDK
2023-05-03 04:00

Security teams must adopt automation and incorporate security measures into code to keep up with the quickly evolving software development. Tython allows security teams to build custom security reference architectures and design patterns as code.

Malware exploited critical Realtek SDK bug in millions of attacks
2023-01-25 18:00

Hackers have leveraged a critical remote code execution vulnerability in Realtek Jungle SDK 134 million attacks trying to infect smart devices in the second half of 2022. Most of these attacks originate from botnet malware families like Mirai, Gafgyt, Mozi, and derivatives of them.

Botnets exploited Realtek SDK critical bug in millions of attacks
2023-01-25 18:00

Hackers have leveraged a critical remote code execution vulnerability in Realtek Jungle SDK 134 million attacks trying to infect smart devices in the second half of 2022. Unit 42 logged activity leveraging CVE-2021-35394 from all over the world but almost half of the attacks originated from the United States.

Malicious PyPI package found posing as a SentinelOne SDK
2022-12-21 09:45

Threat researchers have found a rapidly updated malicious Python package on PyPI masquerading as a legitimate software-development kit from cybersecurity firm SentinelOne, but actually contains malware designed to exfiltrate data from infected systems. The package, which carried the name SentinelOne and has since been taken down, was uploaded to the Python Package Index - an online index of packages for Python developers - on December 11 and over two days was updated 20 times.

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data
2022-12-19 18:05

Cybersecurity researchers have discovered a new malicious package on the Python Package Index repository that impersonates a software development kit for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak. "The SentinelOne imposter package is just the latest threat to leverage the PyPI repository and underscores the growing threat to software supply chains, as malicious actors use strategies like 'typosquatting' to exploit developer confusion and push malicious code into development pipelines and legitimate applications," ReversingLabs threat researcher Karlo Zanki said in a report shared with The Hacker News.

Android apps with 45 million installs used data harvesting SDK
2022-04-07 14:06

Mobile malware analysts warn about a set of applications available on the Google Play Store, which collected sensitive user data from over 45 million installs of the apps. The apps collected this data through a third-party SDK that includes the ability to capture clipboard content, GPS data, email addresses, phone numbers, and even the user's modem router MAC address and network SSID. This sensitive data could lead to significant privacy risks for the users if misused or leaked due to poor server/database security.