Infoblox says Lurking Lizard has used fake installers, mobile apps, and lookalike domains to recruit devices into a proxy botnet.
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware.
The campaign has been observed since May and focuses on physics and engineering departments, administrators and professors, as well as organizations involved in astrophysics, particle physics, or national security-related research.
Researchers at cybersecurity company Proofpoint are tracking the activity under the name ‘UNK_MassTraction’ and believe to be associated with a new threat cluster.
DuckDuckGo announced that its browser can now block most video ads on YouTube, including those shown before the video starts playing and during playback.
The feature is enabled by default in the latest versions of DuckDuckGo for iOS, Mac, and Windows, while Android users can enable it manually by going to Settings Ad Blocking.
YouTube is the world’s largest video platform, serving billions of users worldwide. Apart from YouTube Premium subscribers, free users are shown ads that help fund operational costs and creator payouts.
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to developers and users of Paysafe, Skrill, and Neteller payment applications.
The threat actor published at least 17 malicious packages simultaneously, each tasked to exfiltrate credentials and access tokens to a command-and-control server hosted on Amazon Web Services (AWS).
All three payment platforms are popular, with Paysafe being mostly used by e-commerce sites and online marketplaces, gaming platforms, travel businesses, and financial services or software-as-a-service (SaaS) providers.
A threat actor has been targeting organizations across multiple sectors with voice-based fake security requests that ask Microsoft 365 users to enroll a new Entra passkey.
The attacker is taking advantage of a new capability Microsoft opened to administrators in May, allowing them to run “passkey registration campaigns” to entice users to enrol passkeys for more secure authentication.
The campaign has been running since April and involves calling targeted users and trying to convince them to register a new passkey under the attacker’s control.