The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded JavaScript payload, ...

A simple typescript API for common auth utilities like hashing, encryption, encoding, and OTP generation. Built on top of Web Crypto APIs and it wraps over uncrypto to provide a unified API for both ...

There is an issue in Bruno when sending requests that include base64-encoded content. The request executes successfully only the first time, but once any modification is made to the base64 string ...

VirusTotal has used its AI Code Insight tool to uncover a year-long malware campaign that hid within SVG files to evade ...

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, ...

AWS disrupted a Russian watering hole campaign targeting Microsoft users via compromised websites redirecting users to malicious infrastructure.

Researchers have disrupted an operation attributed to Russian state-sponsored threat group Midnight Blizzard, who sought access to Microsoft 365 accounts and data.

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS ...

Look who's visiting the watering hole these days Amazon today said it disrupted an intel-gathering attempt by Russia's APT29 ...

The campaign shows APT29’s intentions to “cast a wider net in their intelligence collection efforts,” said Amazon ...

Representatives of Facebook are expected in the country tomorrow to hold discussions with government officials. Facebook is sending its representatives to the country following the temporary ban ...