🐍 Python developers beware! A malicious package named "crytic-compilers" was discovered on PyPI, designed to deliver the Lumma info stealer. Learn more: https://t.co/yvPXkmwgGX #cybersecurity #technews #malware

I run this thing called Portmaster which blocks all outgoing network requests until I allow them. The reason? Microsoft Edge _WEBVIEW_ as in, the component that's in everything in Windows, is now trying to phone home to ChatGPT:

https://t.co/3sjkjd5eJx

A malicious Python package, pytoileur, has been found in PyPI, aiming at #cryptocurrency theft. Downloaded 316 times and re-uploaded after removal, this highlights significant risks in open-source ecosystems. Learn more: https://t.co/EqbHyIJ8hJ #cybersecurity

The DoJ just busted a massive scam involving North Korean IT workers infiltrating major US companies. They had some help in the US and were posing as remote freelancers to siphon off money and sensitive info. Holy crap, here's what we know:

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789) #Lazarus https://t.co/uZvWIrcNMP

tl;dr Microsoft introduces 24/7 surveillance functionality for the NSA and/or CIA but markets it as a feature that you'll like

Foxit PDF Reader users, beware! A design flaw is being weaponized to deliver malware including Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm. Learn more: https://t.co/LdsYX0gpsN #infosec #hacking #cybersecurity

Microsoft May 3rd, 2024: We must prioritize security above all else Microsoft May 19th, 2024:

😐

Exploiting an authenticated root command execution vulnerability in Hive camera HCI002UK Credits @boredpentester https://t.co/fsiYUB33wk #iot #infosec

Today has been a whirling wind of chaos. tl;dr we don't know anything. We need solid proof. First, earlier this morning the current owner of Doxbin, Operator, was allegedly beaten and kidnapped. Footage released by the would-be kidnappers shows, presumably Operator, tied to a

Encrypted mail service Proton confirmed handing PII to cops again

Analysing a NSO iOS Spyware Sample(#blastpass) CVE-2023-41064 + CVE-2023-41061 + WebP Vulnerability CVE-2023-4863 https://t.co/BXKmQ2k3yt REF: https://t.co/Sh5LijD98h

HardeningMeter - Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries And Systems

( ͡° ͜ʖ ͡°)

Yesterday The New York Times unveiled that General Motor's had accidentally enrolled millions of people into its "OnStar Smart Driver+" program. If consumers chose to not enroll through the phone app – it would do it anyways. Unenrolling requires consumers to contact OnStar

Delta Dental says data breach exposed info of 7 million people - @billtoulas https://t.co/hlUc8dpIp5 https://t.co/hlUc8dpIp5

2023-12-15 (Friday): #TA577 pushing #Pikabot again this week. Here are IOCs from an infection run we generated today: https://t.co/XCCRyFaVyg #TimelyThreatIntel #Unit42ThreatIntel #Wireshark #MalwareTraffic #IndicatorsOfCompromise

Supply Chain Poisoning of 7ZIP on the Microsoft App Store #APT https://t.co/yPFlXbZPzu