GroupGreeting e-card site attacked in “zqxq” campaign
This article was researched and written by Stefan Dasic, manager, research and response for ThreatDown, powered by Malwarebytes. Malwarebytes recently uncovered…
Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer.
“Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encr…
I received a piece of malicious code in one of the projects I am working on disguised as an empty txt file.
The code I am sharing now was then run in node.js with the function eval().
See flow of actions:
App.js entrypoint upon npm run sta…
As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.
Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. F…
Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection. The result? A 10.3% surge in encrypted attacks over the…
Japan’s National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses,…
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE).
The vulnerability in questio…
The European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc’s own data privacy regulations.
The developmen…
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024.
The security vulnerability in question is CVE-2025-0282 (CVSS s…
In the next months, I want to build a home server using this motherboard
and an Opteron 6100 CPU + libreboot or coreboot. There is only one problem: some old, unmaintained CPUs are vulnerable to Spectre or other CVEs. For example, I had an…