Browsing tag
Cybersecurity company Rapid7 on Thursday revealed that unidentified actors improperly managed to get hold of a small portion of its source code repositories in the aftermath of the software supply chain compromise targeting Codecov earlier this year. “A small subset of our source code repositories for internal tooling for our [Managed Detection and Response] service […]
Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software’s update mechanism and used it to drop malware on user computers. The breach is said to have […]
A report from ZDNet has highlighted that some notorious hackers have been able to breach two services designed for websites. As a result, they’ve infected more than 4,600 websites with malicious code. The two services in question are open source Alpaca Forms and analytics service Picreel. These attacks were first spotted by security researcher Willem de […]
Consumer technology vendors often advise their customers to only install updates and patches only via the official channels to make sure that the integrity of the system is maintained. But what if your PC maker’s official update utility contains malware? That’s exactly what has happened with about 1 million owners of Asus computers. First reported […]
Security researcher Scott Helme discovered a third party accessibility plugin called ‘Browsealoud’. In the past 24 hours, it was found that several browsers were compromised. The plugin hides on the website, as it relies on the JavaScript to work. Now, this has caused nearly 4000 websites to facilitate itself as crypto mining malware. The malware […]