article thumbnail

npm libraries coa and rc. have been hijacked to deliver password-stealing malware

Security Affairs

Two popular npm libraries, coa and rc. have been hijacked, threat actors replaced them with versions laced with password-stealing malware. The security team of the npm JavaScript package warns that two popular npm libraries, coa and rc. The post npm libraries coa and rc. while compromised rc versions are 1.2.9,

Libraries 329
article thumbnail

Internet Archive data breach impacted 31M users

Security Affairs

” The Internet Archive is an American nonprofit digital library website that provides free access to collections of digitized materials including websites, software applications, music, audiovisual, and print materials. As of September 5, 2024, the Internet Archive held more than 42.1 million print materials, 13 million videos, 1.2

Archiving 304
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. It is one of the largest libraries in the world. ” reads the announcement.

Libraries 351
article thumbnail

A backdoor mechanism found in tens of Ruby libraries

Security Affairs

Maintainers of the RubyGems package repository have removed 18 malicious versions of 11 Ruby libraries that contained a backdoor. Maintainers of the RubyGems package repository have discovered a backdoor mechanism in 18 malicious versions of 11 Ruby libraries. It overloaded the #authenticate method on the Identity class.

Libraries 278
article thumbnail

Backdoor mechanism found in Ruby strong_password library

Security Affairs

The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment. The developer Tute Costa found a backdoor in the Ruby library during regular security audits. The attacker created a new version of the library (version 0.0.7 version 0.0.7

Libraries 266
article thumbnail

Trend Micro addressed two DLL Hijacking flaws in Trend Micro Password Manager

Security Affairs

Trend Micro addressed 2 DLL hijacking flaws in Trend Micro Password Manager that could allow malicious actors to escalate privileges and much more. “ SafeBreach Labs discovered a new vulnerability in Trend Micro Password Manager software.” ” reads the post published by SafeBreach. Another researcher, Tr?n

Passwords 270
article thumbnail

Two Linux botnets already exploit Log4Shell flaw in Log4j

Security Affairs

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library.

Honeypots 363