Infosecurity News

Researchers Find Security Flaw in JsonWebToken Library Used By 20,000+ Projects
An attacker could perform RCE on a server verifying a maliciously crafted JWT request

GitHub Adds Features to Automate Vulnerability Code Scanning
Called “default setup,” the novel capability simplifies starting code scanning on repositories

UK Charities Offered Free Cyber Essentials Support
The NCSC’s new Funded Cyber Essentials Programme will support SMEs as well as charities

Ukraine: Russian Cyber-Attacks Should Be Considered War Crimes
A Ukrainian official revealed that evidence of Russian cyber-attacks are being gathered to support potential war crime prosecutions

Freejacking Campaign By PurpleUrchin Bypasses Captchas
The threat actors also deployed more aggressive techniques for mining CPU resources

ChatGPT Used to Develop New Malicious Tools
These include infostealers, multi-layer encryption tools and dark web marketplace scripts

Dark Web Actors Fight For Drug Trafficking and Illegal Pharmacy Supremacy
Following the takedown of the Hydra Marketplace in 2022, 10 darknet markets rose to fill the void

Global Cyber-Attack Volume Surges 38% in 2022
Last year was also worst on record for UK businesses

Threat Actors Spread RAT Via Pokemon NFT Card Site
Phishing page lures unsuspecting users into installing remote access malware

FCC Wants to Accelerate Breach Reporting for Telcos
Proposals designed to strengthen consumer protections

WhatsApp Unveils Proxy Support to Tackle Internet Censorship
The Meta-owned firm also compiled a guide designed to help users set up their own proxy servers

Blind Eagle Hacking Group Targets South America With New Tools
Security experts from Check Point Research unveiled the findings in a new advisory