Dark Reading

Attackers Exploit 'EvilVideo' Telegram Zero-Day to Hide Malware

Telegram has patched a zero-day flaw found in older versions of its chat and media-sharing application for Android that allows attackers to hide malicious payloads in video files. "Using the exploit … ...
Bleeping Computer

Malvertising Attack Sneaks JavaScript Payload in Polyglot Images

A new malvertising attack observed in the wild relies on a less used technique to hide the malicious payload. The authors turned to polyglot images to add the JavaScript code that redirects to a page ...
Bleeping Computer

Gitpaste-12 worm botnet returns with 30+ vulnerability exploits

Recently discovered Gitpaste-12 worm that spreads via GitHub and also hosts malicious payload on Pastebin, has returned with even more exploits. The first iteration of Gitpaste-12 shipped with reverse ...
Infosecurity-magazine.com

Active Campaign Exploits Cloud Flaws for Cryptomining

An active campaign is exploiting various vulnerabilities and misconfigurations across cloud environments to deploy cryptominers, according to research from Wiz. The ...