Author Archives: Ravie Lakshmanan

Researchers have disclosed what they say is the first-ever Python-based ransomware strain specifically designed to target exposed Jupyter notebooks, a web-based interactive computing platform that allows editing and running programs via a browser.
“Th… Continue reading New Python-based Ransomware Targeting JupyterLab Web Notebooks→

A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept (PoC) exploit on GitHub before deleting their account.
According to cybersecur… Continue reading Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security→

Taiwanese company QNAP this week revealed that a selected number of its network-attached storage (NAS) appliances are affected by a recently-disclosed bug in the open-source OpenSSL cryptographic library.
“An infinite loop vulnerability in OpenSSL has… Continue reading QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices→

A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets.
“Mars Stealer is being distributed via social engin… Continue reading Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread→

A duo of researchers has released a proof-of-concept (PoC) demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what’s called a replay attack.
The attack is made possible, thanks t… Continue reading Honda’s Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles→

The LAPSUS$ data extortion gang announced their return on Telegram after a week-long “vacation,” leaking what they claim is data from software services company Globant.
“We are officially back from a vacation,” the group wrote on their Telegram channe… Continue reading IT Firm Globant Confirms Breach after LAPSUS$ Leaks 70GB of Data→

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) are jointly warning of attacks against internet-connected uninterruptible power supply (UPS) devices by means of default usernames and passwords.
“Orga… Continue reading CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices→

SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition.
Tracked as … Continue reading Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances→

An unidentified threat actor has been observed employing a “complex and powerful” malware loader with the ultimate objective of deploying cryptocurrency miners on compromised systems and potentially facilitating the theft of Discord tokens.
“The evide… Continue reading New Malware Loader ‘Verblecon’ Infects Hacked PCs with Cryptocurrency Miners→

A threat actor of likely Pakistani origin has been attributed to yet another campaign designed to backdoor targets of interest with a Windows-based remote access trojan named CrimsonRAT since at least June 2021.
“Transparent Tribe has been a highly ac… Continue reading New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials→