GitHub

powershell_fileless_script_contains_base64_encoded_content.yml

description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
GitHub

VictorModi/SiNiSistar2-Save-Converter

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
SecurityWeek

GlassWorm Botnet Disrupted

The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.
Infosecurity Magazine

CrowdStrike, Google Take Down Glassworm Botnet

An industry effort involving CrowdStrike, Google and the Shadowserver Foundation has led to the disruption of the Glassworm ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors ...

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python ...

CrowdStrike, Google shatter Glassworm botnet

CrowdStrike, working with Google and the Shadowserver Foundation, said it has taken down the Glassworm botnet, a ...
Infosecurity-magazine.com

Malicious Hugging Face Repository Typosquats OpenAI

Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, in another example of the dangers posed by the AI supply chain. AI ...
Techzine Europe

CrowdStrike takes down Glassworm botnet

CrowdStrike, in collaboration with Google and the Shadowserver Foundation, has dismantled an international botnet that ...