Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets

Actualités
Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet. The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them being removed from
Read More

CTEM 101 – Go Beyond Vulnerability Management with Continuous Threat Exposure Management

Actualités
In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you’d want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security posture, in our opinion, you probably want to consider establishing a Continuous Threat Exposure
Read More

Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites

Actualités
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code. According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks. "These attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024," security researcher
Read More

South Korean Citizen Detained in Russia on Cyber Espionage Charges

Actualités
Russia has detained a South Korean national for the first time on cyber espionage charges and transferred from Vladivostok to Moscow for further investigation. The development was first reported by Russian news agency TASS. “During the investigation of an espionage case, a South Korean citizen Baek Won-soon was identified and detained in Vladivostok, and put into custody under a court
Read More

Incognito Darknet Market Mass-Extorts Buyers, Sellers (Krebs on Security)

Actualités
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform. An extortion message currently on the Incognito Market homepage. In the past 24 hours, the homepage for the Incognito Market was updated to include a blackmail message from its owners, saying they will soon release purchase records of vendors who refuse to pay to keep the records confidential. “We got one final little nasty surprise…
Read More

Incognito Darknet Market Mass-Extorts Buyers, Sellers (Krebs on Security)

Actualités, Sécurité
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform. An extortion message currently on the Incognito Market homepage. In the past 24 hours, the homepage for the Incognito Market was updated to include a blackmail message from its owners, saying they will soon release purchase records of vendors who refuse to pay to keep the records confidential. “We got one final little nasty surprise…
Read More

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Actualités
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform. An extortion message currently on the Incognito Market homepage. In the past 24 hours, the homepage for the Incognito Market was updated to include a blackmail message from its owners, saying they will soon release purchase records of vendors who refuse to pay to keep the records confidential. “We got one final little nasty surprise…
Read More