security

security

Fake VS Code alerts on GitHub spread malware to developers

von BleepingComputer • 27.03.2026

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading m

Mehr lesen →

security

China Upgrades the Backdoor It Uses to Spy on Telcos Globally

von Darkreading • 27.03.2026

Chinese APT Red Menshen’s super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.

Mehr lesen →

soc

Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account

von SecurityWeek • 27.03.2026

The group that it was making available for download emails and other documents from Patel’s account.
The post Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Persona

Mehr lesen →

security

Apple says no one using Lockdown Mode has been hacked with spyware

von Hackernews • 27.03.2026

Comments

Mehr lesen →

security

Kimwolf Botnet Swamps Anonymity Network I2P

von KrebsonSecurity • 27.03.2026

For the past week, the massive „Internet of Things“ (IoT) botnet known as Kimwolf has been disrupting the The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet’s control servers.

Mehr lesen →

security

Patch Tuesday, February 2026 Edition

von KrebsonSecurity • 27.03.2026

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six „zero-day“ vulnerabilities that attackers are already exploiting in the wild.

Mehr lesen →

security

Please Don’t Feed the Scattered Lapsus ShinyHunters

von KrebsonSecurity • 27.03.2026

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Read More »

Mehr lesen →

security

5 Free Things for Everybody

von shodan • 27.03.2026

Here are some of the free services that Shodan provides that don’t require any payment, don’t require a Shodan account and don’t require an API key:

1. Vulnerability Information

https://cvedb.shodan.io

The CVEDB website lets you explore known vulnerabilities and provides a free API to quickly get vulnerability

Mehr lesen →

security

Deep Dive: Malware Hunter

von shodan • 27.03.2026

There are many ways to track command & control servers from bad guys but they often rely on looking for indicators in the service metadata (ex. certificate information). Around a decade ago we developed a novel technique to proactively find the infrastructure: Malware Hunter. Malware Hunter finds command & control

Mehr lesen →

security

Deep Dive: http.favicon

von shodan • 27.03.2026

Favicons are the small icons that you see in the browser tab next to the website title or in your bookmarks. For example, the Shodan logo on the left side of the browser tab is the favicon:

They typically contain the logo of the company which gives them 2 functions:

Mehr lesen →

📅 Kalender