Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware
This proves that no open-source repository is safe from malicious actors.
Read More...
New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining
The novel Dero crypto jacking operation concentrates on locating Kubernetes clusters with anonymous access enabled on a Kubernetes API and listening on non-standard ports accessible from the internet
Read More...
Trojanized macOS Apps used to Deploy Evasive Cryptocurrency Mining Malware
This malware uses the Invisible Internet Project anonymous network layer (i2p) to download malicious components and send mined currency to the attacker's wallet
Read More...
Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems
The module, named "secretslib" and downloaded 93 times before its deletion, was released to the Python Package Index (PyPI) on August 6, 2022, and is described as "secrets matching and verification made easy."
Read More...
Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VMSecurity Affairs
Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs and the threat actors behind them. Threat actors are attempting to compromise a large number of cloud-based systems to mine cryptocurrency with a significant
Read More...