Malicious Chrome Plugin Let Remote Attacker Steal keystroke and Inject Malicious Code

Researchers at Zimperium zLabs recently identified a new Chrome browser botnet called ‘Cloud9’ that is intent on stealing the following information using malicious extensions:- This method is becoming increasingly attractive for malware developers to target web browsers as they contain the most valuable information about a user. In the course of everyday activities, we can […]

Continue Reading

Check Point CloudGuard Spectral exposes new obfuscation techniques for malicious packages on PyPI

Highlights:  Check Point Research (CPR) detects a new and unique malicious package on PyPI, the leading package index used by developers for the Python programming language The new malicious package was designed to hide code in images and infect through open-source projects on Github CPR responsibly disclosed this information to PyPI, who removed the packages […]

Continue Reading

Experts warn of critical RCE in ConnectWise Server Backup Solution

ConnectWise has addressed a critical remote code execution vulnerability impacting Recover and R1Soft Server Backup Manager (SBM). According to the advisory published by ConnectWise, the vulnerability is an Improper Neutralization of Special Elements in Output Used by a Downstream Component. An attacker can exploit the vulnerability to execute remote code or directly access confidential data. […]

Continue Reading