Malicious ML models exploit Pickle serialization flaw to evade detection on Hugging Face
The attack involves a technique involving “broken” pickle files to evade detection systems.
Cybersecurity News - Page 93
Threat actors target IIS servers in Asia to spread BadIIS malware
The attackers appear to be manipulating SEO tactics to deploy the malware.
Massive brute force attack targets networking devices using nearly 2.8M IPs
The attack appears to be global, with the majority of the malicious IP addresses originating from Brazil.
Cyber Security Week in Review: February 7, 2025
In brief: Trimble Cityworks zero-day exploited in the wild, a SmokeLoader campaign caught abusing 7-Zip zero-day, and more.
UAC-0006 returns with SmokeLoader targeting Ukraine's largest state-owned bank
The campaign involves password-protected archives containing malicious JavaScript, VBScript, and LNK files.
Silent Lynx cyber spies target embassies and banks in Kyrgyzstan and Turkmenistan
The group’s attacks begin with spear-phishing campaigns targeting high-profile individuals in organizations
XE Group cybercrime op shifts from credit card skimming to data theft using 0Day exploits
XE Group has leveraged at least two zero-day vulnerabilities in the VeraCore supply chain management software.
Malicious software supply chain attack targeting Go ecosystem
Once the backdoored package is installed, it grants the attacker remote access to the victim's system.
Zyxel says it won’t fix actively exploited flaws in legacy CPE series devices, urges users to upgrade
More than 1,500 Zyxel CPE Series devices remain exposed to the internet.
New malware linked to DaggerFly espionage group targets Linux-based network devices
The threat has been used as part of the Lunar Peek campaign, targeting Linux-based network appliances.
Showing elements 921 - 930