The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts.

DJVU, in itself a variant of the STOP ransomware, typically arrives on the scene masquerading as legitimate services or applications. It's also delivered as a payload of SmokeLoader.

A significant aspect of DJVU attacks is the deployment of additional malware, such as information stealers (e.g., RedLine Stealer and Vidar), making them more damaging in nature.

In the latest attack chain documented by Cybereason, Xaro is propagated as an archive file from a dubious source that masquerades as a site offering legitimate freeware.

The campaign first came to light in late July 2023 when Sophos detailed a cluster of 40 credential-harvesting apps targeting customers of Bank Mellat, Bank Saderat, Resalat Bank, and Central Bank of Iran.

The primary goal of the bogus apps is to trick victims into granting them extensive permissions as well as harvest banking login credentials and credit card details by abusing Android's accessibility services.

Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks.

The company acknowledged the existence of an exploit for the security flaw (tracked as CVE-2023-6345) in a new security advisory published today.

"Google is aware that an exploit for CVE-2023-6345 exists in the wild," the company said.

Many voters are questioning the integrity of electronic voting machines after an obscure race for parish sheriff in northwest Louisiana led to a seemingly improbable result. The Democratic candidate, Henry Whitehorn (D), received 21,621 votes and the Republican candidate, John Nickleson (R), got 21,620. John Nickelson, the Republican candidate, announced on social media that he has requested a recount.

Check if file block cloning is on and disable it – or upgrade to 2.2.1 ASAP

Haha, some American AI said the US’ moon landing was fake, and there’s nothing wrong with the Chinese lunar rover photo. Putin said it’s “very interesting.” Many Chinese netizens find it interesting too

Webmaster addition: I guess AI has a long way to go!

Miscreants are actively exploiting two new zero-day vulnerabilities to wrangle routers and video recorders into a hostile botnet used in distributed denial-of-service attacks, researchers from networking firm Akamai said Thursday.

Insider reported:

The deployment of AI-controlled drones that can make autonomous decisions about whether to kill human targets is moving closer to reality, The New York Times reported.

Pennsylvania voters are doubting the integrity of local elections in the swing county of Northampton after issues with touchscreen voting devices arose on the most recent Election Day. The glitches were similar to those seen in the county’s 2019 judges race.