Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that added modern […]
...moreSummary
Total Articles Found: 5
Top sources:
Top Keywords:
- supply chain attack: 5
- Breaking News: 3
- Hacking: 3
- hacking news: 3
- information security news: 3
Top Authors
- Pierluigi Paganini: 3
- Pieter Arntz: 1
- Dan Goodin: 1
Top Articles:
- PyTorch compromised to demonstrate dependency confusion attack on Python environments
- Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain
- Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya
- Microsoft, CISA and NSA offer security tools and advice, but will you take it?
- Google confirms that advanced backdoor came preinstalled on Android devices
Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain
Published: 2024-07-05 11:32:00
Popularity: 16
Author: Pierluigi Paganini
Keywords:
LLM Says: ""JS attack detected""
PyTorch compromised to demonstrate dependency confusion attack on Python environments
Published: 2023-01-02 18:57:03
Popularity: 19
Author: Pierluigi Paganini
Keywords:
Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who have installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, to uninstall it and use the latest binaries. “If you installed PyTorch-nightly on […] The post PyTorch compromised to demonstrate dependency confusion attack on Python environments appeared first on Security Affairs.
...moreMicrosoft, CISA and NSA offer security tools and advice, but will you take it?
Published: 2021-09-29 13:23:50
Popularity: None
Author: Pieter Arntz
Keywords:
Microsoft, CISA, and the NSA are individually offering tools and advice that aim to improve security for organizations. But will the targeted audience have the time and resources to accept that help? Categories: Opinion Tags: cisaEMemergency mitigation serviceEOLexchangeinsider risk mitigation self-assessment toolinsider threatmicrosoftNSAnsssupply chain attackvpn (Read more...) The post Microsoft, CISA and NSA offer security tools and advice, but will you take it? appeared first on Malwarebytes Labs.
...moreApproximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya
Published: 2021-07-06 12:47:07
Popularity: 11
Author: Pierluigi Paganini
Keywords:
Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the recent supply-chain ransomware attack. Up to 1,500 downstream organizations, which were customers of MSPs using Kaseya VSA management […] The post Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya appeared first on Security Affairs.
...moreGoogle confirms that advanced backdoor came preinstalled on Android devices
Published: 2019-06-06 20:47:20
Popularity: None
Author: Dan Goodin
Keywords:
After Google successfully beat back Triada in 2017, its developers found a new way in.
...more