According to reports, new malicious NPM packages have been found that install the njRAT remote access trojan, letting cybercriminals to gain control over a computer. NPM, a JavaScript package manager, allows developers and users to download packages and incorporate them into their projects. Since NPM is an open network, anyone can Continue Reading
A major shift in the malware landscape was noticed towards the end of 2017. Due to the growing popularity of cloud-based technologies, gangs of threat actors and cybercriminals began targeting Docker and Kubernetes systems. A majority of these attacks followed a very simple pattern where cybercriminals skimmed for misconfigured systems Continue Reading
A cybercriminal is at the moment selling access to the email accounts of a large number of C-level executives at organizations globally. The data is being sold on a closed-access covert forum for Russian-speaking threat actors called Exploit.in. The following are high-level executives occupying functions such as: CEO – chief executive Continue Reading
A French security scientist has inadvertently found a zero-day flaw that affects the Windows 7 and Windows Server 2008 R2 operating systems while working on an update to a Windows security tool. The bug was discovered in two misconfigured registry keys for the RPC Endpoint Mapper and DNSCache services that Continue Reading
Security experts have found a major security fault in cPanel, a popular software suite that facilitates the management of a web hosting server. Discovered by security experts from Digital Defense, the vulnerability lets hackers circumvent two-factor authentication (2FA) for cPanel accounts, which are used by website owners to access and Continue Reading
By