Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim’s project hijack the victim’s machine learning model upload and run code inside Google’s serving infrastructure.

Palo Alto Networks Unit 42, which found and…

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively.

Attacks inv…

Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive

Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms.

Yet despite this abun…

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS.

“The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS,” ESET said in a repo…

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the …

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email.

The way in was a backdoor on their REDCap research servers that sto…