Jan 1, 2025 | Podcast
https://www.fortinet.com/blog/threat-research/analyzing-malicious-intent-in-python-code Cybersecurity researchers have discovered malicious packages uploaded to the Python Package Index (PyPI) and the Visual Studio Code Marketplace. These packages, disguised as...
Dec 31, 2024 | Podcast
https://www.cyberhaven.com/blog/cyberhavens-chrome-extension-security-incident-and-what-were-doing-about-it A sophisticated cyberattack has compromised at least 35 Chrome browser extensions, potentially exposing over 2.6 million users to data theft and credential...
Dec 30, 2024 | Podcast
https://arxiv.org/pdf/2412.13459 A new study reveals a significant problem with inauthentic “stars” being used to artificially inflate the popularity of scam and malware distribution repositories on GitHub. These fake stars mislead users into trusting...
Dec 27, 2024 | Podcast
https://www.sonatype.com/blog/counterfeit-eslint-and-node-types-libraries-downloaded-thousands-of-times-abuse-pastebin Cybersecurity researchers have discovered a wave of malicious npm packages and Visual Studio Code (VSCode) extensions targeting developers. These...
Dec 26, 2024 | Podcast
https://unit42.paloaltonetworks.com/using-llms-obfuscate-malicious-javascript Cybersecurity researchers from Palo Alto Networks warn that large language models (LLMs) can be used by malicious actors to generate undetectable malware variants. LLMs, despite limitations...
Dec 25, 2024 | Podcast
https://medium.com/@amitassaraf/vscode-extension-trivia-real-or-cake-f729adc9e03e Cybersecurity researchers have discovered a wave of malicious Visual Studio Code extensions designed to steal credentials from developers. These extensions, disguised as legitimate tools...
