A new malware has been going around targeting content creators of YouTube. Reported by researchers at Intezer, YTStealer is likely being sold and distributed as MaaS (or Malware-as-a-Service). It’s goal is to steal authentication cookies from YouTube content creators. Many of the files in the malware are disguised as legitimate applications, specifically software typically used…

Continue Reading

Thousands of websites have been found to be infected with malicious code that redirects unsuspecting users. The malware compromises the websites through vulnerable themes or plugins. In a report by Sucuri, they explained how they’ve followed this malware campaign and found the websites with similar code injection to .KS (JavaScript) files. The code injection is…

Continue Reading

Earlier this week, Microsoft released dozens of new upgrades and fixes to vulnerabilities. Included in the updates are patches for 73 fixes, mostly deemed important with high CVE scores, and a fix for a zero-day vulnerability that has been actively exploited as of recent. The 0-day vulnerability (which stands for a vulnerability or bug that…

Continue Reading

F5 has released an advisory on their website disclosing a critical vulneraibility in BIG-IP products being exploited in the wild. Dubbed CVE-2022-1388 with a CVSS score of 9.8 (out of 10), it allows an attacker to bypass authentication, execute commands, delete all files and remove all traces in logs. A fix has been released for…

Continue Reading