PyPI now blocks domain resurrection attacks used for hijacking accounts

Por
Picus Blue Report 2025

The Python Package Index (PyPI) has introduced new protections against domain resurrection attacks that enable hijacking accounts through password resets. PyPI is the official repository for open-source Python packages. It is used by software developers, product maintainers, and companies working with Python libraries, tools, and frameworks. Accounts of project maintainers publishing software on PyPI are … Ler mais

Nova pesquisa expõe endereços de e -mail e tendências de recrutamento dos trabalhadores da RPDC de TI

Por
New Research Exposes DPRK IT Workers' Email Addresses and Recruitment Trends

A nova pesquisa de segurança cibernética revelou detalhes importantes sobre como os profissionais de TI afiliados à RPDC, que se enquadram no grupo de atores de ameaças “Sleet Jasper Sleet” da Microsoft, opera. Eles aproveitam as oportunidades de trabalho remotas nas indústrias Web3, Blockchain e Cryptocurrency para obter acesso não autorizado às redes da empresa. … Ler mais

Novas pesquisas revelam vulnerabilidades de segurança vinculadas a aplicativos VPN populares

Por
New Research Reveals Security Vulnerabilities Linked to Popular VPN Apps

Os pesquisadores descobriram práticas enganosas entre os principais provedores de VPN, vinculando entidades aparentemente independentes a três “famílias” distintas com downloads combinados de lojas do Google Play com 700 milhões. Ao analisar arquivos de negócios, artefatos de APK e comunicações de rede, a equipe identificou grupos de fornecedores que ofuscam sua propriedade comum, muitas vezes … Ler mais

Okta open-sources catalog of Auth0 rules for threat detection

Por
Picus Blue Report 2025

Okta has open-sourced ready-made Sigma-based queries for Auth0 customers to detect account takeovers, misconfigurations, and suspicious behavior in event logs. Auth0 is Okta’s identity and access management (IAM) platform used by organizations for login, authentication, and user management services. By releasingg the detection rules, the companyaims to help security teams quickly analyze Auth0 logs for … Ler mais

Okta open-sources Auth0 rules catalog for threat detection

Por
Picus Blue Report 2025

Okta has open-sourced ready-made Sigma-based queries for Auth0 customers to detect account takeovers, misconfigurations, and suspicious behavior in event logs. Auth0 is Okta’s identity and access management (IAM) platform used by organizations for login, authentication, and user management services. By releasingg the detection rules, the companyaims to help security teams quickly analyze Auth0 logs for … Ler mais

Microsoft shares workaround for Teams "couldn't connect" error

Por
Picus Blue Report 2025

Microsoft is resolving a known issue that causes “couldn’t connect” errors when launching the Microsoft Teams desktop and web applications. The company states that the error is caused by a recent change to Teams’ sidebar, but has yet to disclose which regions are affected by this ongoing issue. While Microsoft has yet to share more … Ler mais

Noodlophile Stealer evolution – Security Affairs

Por
Noodlophile Stealer evolution - Security Affairs

Noodlophile Stealer evolution Noodlophile malware spreads via copyright phishing, targeting firms in the U.S., Europe, Baltics & APAC with tailored spear-phishing lures. The Noodlophile malware campaign is expanding globally, using spear-phishing emails disguised as copyright notices. Threat actors tailor lures with details like Facebook Page IDs and company ownership data. Active for over a year, … Ler mais

Mobile Phishers direciona clientes de corretagem no esquema de caixa ‘rampa e despejo’

Por
Mobile Phishers Target Brokerage Customers in 'Ramp and Dump' Cashout Scheme

Grupos cibercriminais especializados em kits avançados de phishing móvel desenvolveram suas operações além de roubar dados do cartão de pagamento para a inscrição em carteira móvel, agora girando para explorar contas de corretagem em esquemas sofisticados de ‘rampa e dump’. Essa mudança, conforme detalhada em pesquisas recentes de especialistas em segurança, aproveita as credenciais do … Ler mais

Public Exploit Released for Critical SAP NetWeaver Flaw

Por
Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April 2025, allows unauthenticated remote code execution via the platform’s metadata uploader endpoint. What’s new is the public availability of the full source code, which makes … Ler mais

Elastic rejects claims of a zero-day RCE flaw in Defend EDR

Por
Picus Red Report 2025

Enterprise search and security company Elastic is rejecting reports of a zero-day vulnerability impacting its Defend endpoint detection and response (EDR) product. The company’s statement follows a blog post froma company called AshES Cybersecurityclaiming to have discovereda remote code execution (RCE) flaw in Elastic Defend that would allow an attacker to bypass EDR protections. Elastic’s … Ler mais