Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

When bots commit: AI-generated code in open source projects

Open source software is the backbone of the modern technology landscape. Enterprises small and large, across industries, rely on open source projects to power critical applications and infrastructure. With the rise of AI-driven code generation tools, developers have a whole new frontier to explore. But while AI-generated contributions might supercharge productivity, they also raise new concerns around security, safety and governance. Below we explore the dynamics of open source projects, how AI-generated code can influence enterprise software and what considerations and best practices you shou

Red Hat Blog
Open in Source
#sql#xss#vulnerability#web#linux#red_hat#apache#git#intel#backdoor#perl#auth#ibm
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp

The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208. "The threat actor deploys payloads primarily by means of

Gamaredon campaign abuses LNK files to distribute Remcos backdoor

Cisco Talos is actively tracking an ongoing campaign, targeting users in Ukraine with malicious LNK files which run a PowerShell downloader since at least November 2024.

Aussie Fintech Vroom Exposes Thousands of Records After AWS Misconfiguration

Cybersecurity researcher Jeremiah Fowler discovered a data exposure at Australian fintech Vroom by YouX, exposing 27,000 records, including driver's licenses, bank statements, and more.

New npm Malware Attack Infects Popular Ethereum Library with Backdoor

Security researchers at ReversingLabs have discovered a new malware campaign on the npm package repository, revealing a new…

New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations

The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor SparrowDoor and ShadowPad. The activity, observed in July 2024, marks the first time the hacking crew has deployed ShadowPad, a malware widely shared by Chinese state-sponsored actors. "FamousSparrow

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and information stealers such as Rhadamanthys and StealC. "In this attack, the threat actor manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and execute malicious payload,

How to Avoid US-Based Digital Services—and Why You Might Want To

Amid growing concerns over Big Tech firms aligning with Trump administration policies, people are starting to move their digital lives to services based overseas. Here's what you need to know.

UAT-5918 targets critical infrastructure entities in Taiwan

UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and credential harvesting.

New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors

Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code. "This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent