heise online

Infostealer on AI platform Hugging Face disguised as OpenAI repository

In early May, a repository appeared on Hugging Face that disguised itself as an OpenAI model and installed an infostealer on Windows systems. The attackers used typosquatting and distributed the ...
heise online

"Copy Fail": Linux root in all major distributions with 732 bytes of Python

IT researchers have discovered a vulnerability in the Linux kernel that attackers can exploit to gain root privileges. The discoverers have named the vulnerability “Copy Fail.” Virtually all Linux ...
Dark Reading

'CloudImposer' Flaw in Google Cloud Affected Millions of Servers

Google has patched a flaw in its Google Cloud Platform (GCP) that attackers could have exploited to execute a supply chain attack on millions of customer cloud servers, simply by deploying a single ...
GitHub

Python Script for ESXi Imaging

The Python Script for ESXi Imaging creates an ESXi ISO image with an installation script (kickstart file) from the base ISO image to automate ESXi installation and configuration for VMware vSphere ...
WeLiveSecurity

Introducing Nimfilt: A reverse-engineering tool for Nim-compiled binaries

Available as both an IDA plugin and a Python script, Nimfilt helps to reverse engineer binaries compiled with the Nim programming language compiler by demangling package and function names, and ...
WeLiveSecurity

MoustachedBouncer: Espionage against foreign diplomats in Belarus

MoustachedBouncer is a cyberespionage group discovered by ESET Research and first publicly disclosed in this blogpost. The group has been active since at least 2014 and only targets foreign embassies ...