New Attack Let Attacker Collect and Spoof Browser’s Digital Fingerprints
A “potentially devastating and hard-to-detect threat” could be abused by attackers to collect users’ browser fingerprinting information with the goal of spoofing the victims without their knowledge, thus effectively compromising…
Popular NPM Package Hijacked to Publish Crypto-mining Malware
The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining and password-stealing malware embedded in “UAParser.js,” a popular JavaScript NPM library with over 6 million weekly downloads, days…
Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that’s used to proxy traffic to internet addresses of interest to the attackers for over…
Twitter accounts linked to cyberattacks against security researchers suspended
North Korean hackers are luring professionals with “zero-day vulnerability hype.” Read more from the Source