Browsing: Latest News

Malicious PyPI Package Steals AWS Credentials

Josh Breaker RolfeNovember 11, 20242 Mins Read

A malicious package on the Python Package Index (PyPi) has been quietly exfiltrating Amazon Web Service credentials from developers for…

Large-Scale Phishing Campaign Exposed Using New Version of Rhadamanthys Malware

Kirsten DoyleNovember 8, 20243 Mins Read

Check Point Research has uncovered a sophisticated phishing campaign that uses a newly updated version of the Rhadamanthys Stealer, a…

Credential Abuse Market Flourishes Despite Setbacks

Josh Breaker RolfeNovember 8, 20242 Mins Read

Despite the recent takedown of the RedLine malware variant and a crackdown on “problematic” Telegram content, the credential abuse market is…

Fry Another Day: The Hidden Surveillance Powers of Smart Appliances

Kirsten DoyleNovember 7, 20244 Mins Read

A new investigation by the consumer advocacy group Which? reveals a worrying trend: everyday smart devices, from air fryers to…

JFrog Uncovers Critical Vulnerabilities in Machine Learning Platforms

Josh Breaker RolfeNovember 7, 20242 Mins Read

Software supply chain company JFrog revealed on Monday that it had discovered 22 software vulnerabilities across 15 machine learning-related open-source…

New Malware Campaign Targets Windows Users Through Gaming Apps

Kirsten DoyleNovember 7, 20243 Mins Read

A new malware strain, Winos4.0, is actively used in cyberattack campaigns. Discovered by FortiGuard Labs, this advanced malicious framework, which…

Google Cloud to Mandate Multi-Factor Authentication for All Users by 2025

Kirsten DoyleNovember 7, 20244 Mins Read

In a move to improve account security, Google Cloud has announced that it will require multi-factor authentication (MFA) for all…

Google’s Big Sleep AI Tool Finds Zero-Day Vulnerability

Kirsten DoyleNovember 6, 20245 Mins Read

In a major breakthrough, Google’s AI-powered research tool, Big Sleep, discovered a vulnerability in SQLite, one of the most widely…

Attackers Exploit DocuSign API to Send Fraudulent Invoices, Bypassing Security Filters

Kirsten DoyleNovember 6, 20244 Mins Read

Attackers are leveraging DocuSign’s API to distribute authentic-looking invoices at scale, exploiting legitimate business channels to bypass traditional security measures.…

500,000 Affected in Columbus Data Breach, Followed by Lawsuit Against Security Researcher

Dilki RathnayakeNovember 5, 20242 Mins Read

In July 2024, the City of Columbus, Ohio, experienced a ransomware attack that exposed the personal information of approximately 500,000…

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics