• A critical vulnerability in Ray, an open-source AI framework that is widely utilized across various sectors, including education, cryptocurrency, and biopharma. This vulnerability, known as CVE-2023-48022, has been under active exploitation for the past seven months, allowing attackers to hijack computing power and leak sensitive data. The Discovery of CVE-2023-48022: ShadowRay Late in 2023, five […] The post Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers appeared first on GBHackers on Security | #1 Globally Trusted…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • Cybersecurity researchers are warning that threat actors are actively exploiting a “disputed” and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency m…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • Hackers use 2FA (Two-Factor Authentication) phishing kits to overcome the additional security layer provided by 2FA.Β  These kits typically mimic legitimate login pages and prompt users to enter their credentials along with the one-time passcodes generated by their authenticator apps or sent via SMS. Through proactive threat hunting, Sekoia analysts uncovered a new and widespread […] The post New Tycoon 2FA Phishing Kit Attacking Microsoft 365 & Gmail Users appeared first on GBHackers on Security | #1 Globally Trusted Cyber…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This in…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • Over 170,000 users have fallen victim to a meticulously orchestrated scheme exploiting the Python software supply chain. The Checkmarx Research team has uncovered a multi-faceted attack campaign that leverages fake Python infrastructure to distribute malware, compromising the security of countless developers and organizations. This article delves into the attack campaign, its impact on victims, the […] The post 170K+ Python Developers GitHub Accounts Hacked in Supply Chain Attack appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • A new tool, GEOBOX, was advertised on the Dark Web that utilizes Raspberry Pi devices for fraud and anonymization, allowing users to spoof GPS locations, emulate network settings, mimic Wi-Fi access points, and bypass anti-fraud filters.Β  Criminals were using multiple GEOBOX devices as proxies to enhance anonymity during an online banking theft investigation. Attackers are […] The post Hackers Transform the Raspberry Pi into an Online Anonymity Tool appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • Attackers are taking advantage of vulnerabilities in JetBrains Teamcity to distribute ransomware, coinminers, and backdoor payloads. Two critical vulnerabilities in the TeamCity On-Premises platform, identified as CVE-2024-27198 and CVE-2024-27199 by JetBrains, were published on March 4, 2024.Β  These flaws enable attackers to bypass authentication safeguards and take over compromised servers.Β  The confidentiality, integrity, and availability […] The post TeamCity Vulnerability Exploits Leads to Surge in Ransomware Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • Attackers are taking advantage of vulnerabilities in JetBrains Teamcity to distribute ransomware, coinminers, and backdoor payloads. Two critical vulnerabilities in the TeamCity On-Premises platform, identified as CVE-2024-27198 and CVE-2024-27199 by JetBrains, were published on March 4, 2024.Β  These flaws enable attackers to bypass authentication safeguards and take over compromised servers.Β  The confidentiality, integrity, and availability […] The post TeamCity Vulnerability Exploits Leads to Surge in Ransomware Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT. The attacks entail …

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

  • Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allow it to evade detection. “BunnyLoader is dynamically developing malware with…

    Β·

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ

    ΒΆΒΆΒΆΒΆΒΆ