Published through five accounts, the extensions appear part of a coordinated campaign based on shared C&C infrastructure.
The post 100 Chrome Extensions Steal User Data, Create Backdoor appeared first on SecurityWeek.
Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure
The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage.
The post Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure appeared first on SecurityWeek.
‘DKnife’ Implant Used by Chinese Threat Actor for Adversary-in-the-Middle Attacks
Used since at least 2019, DKnife has been targeting the desktop, mobile, and IoT devices of Chinese users.
The post ‘DKnife’ Implant Used by Chinese Threat Actor for Adversary-in-the-Middle Attacks appeared first on SecurityWeek.
Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors
The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access.
The post Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors appeared first on SecurityWeek.
Microsoft Dissects PipeMagic Modular Backdoor
PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility.
The post Microsoft Dissects PipeMagic Modular Backdoor appeared first on SecurityWeek.
Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase.
The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek.
Encryption Backdoors: The Security Practitioners’ View
After decades of failed attempts to access encrypted communications, governments are shifting from persuasion to coercion—security experts say the risks are too high.
The post Encryption Backdoors: The Security Practitioners’ View appeared first on SecurityWeek.
React Native Aria Packages Backdoored in Supply Chain Attack
A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.
The post React Native Aria Packages Backdoored in Supply Chain Attack appeared first on SecurityWeek.
Backdoored Open Source Malware Repositories Target Novice Cybercriminals
A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.
The post Backdoored Open Source Malware Repositories Target Novice Cybercriminals appeared first on SecurityWeek.
MITRE Hackers’ Backdoor Has Targeted Windows for Years
Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years.
The post MITRE Hackers’ Backdoor Has Targeted Windows for Years appeared first on SecurityWeek.
