Emergencia de una Nueva Variante de TrickMo: Explotando TON C2 y SOCKS5 para Ataques de Red en Android Introducción a TrickMo El troyano bancario TrickMo ha evolucionado una vez más con la introducción de una nueva variante que utiliza The Open Network (TON) para sus operaciones de comando y control (C2). Este desarrollo ha levantado…
Emergence of a New TrickMo Variant: Exploiting TON C2 and SOCKS5 for Android Network Attacks Introduction to TrickMo The TrickMo banking trojan has evolved yet again with the introduction of a new variant that utilizes The Open Network (TON) for its command-and-control (C2) operations. This development has raised alarms among cybersecurity experts, especially as the…
Instructure’s Data Breach: A Wake-Up Call for the EdTech Sector Background and Context In recent years, the education technology (EdTech) sector has witnessed a surge in cyberattacks, with schools and universities increasingly becoming prime targets for hackers. The latest incident involves Instructure, the company behind the widely used Canvas learning management system (LMS), which recently…
La realidad de los equipos púrpuras: cerrando la brecha entre los equipos de seguridad rojos y azules Entendiendo el concepto de equipos púrpuras Los equipos púrpuras están diseñados para mejorar la colaboración y la comunicación entre dos componentes esenciales de la ciberseguridad: los equipos rojos (ofensivos) y los equipos azules (defensivos). La idea es que…
The Reality of Purple Teams: Bridging the Gap Between Red and Blue Security Teams Understanding the Concept of Purple Teams Purple teams are designed to enhance collaboration and communication between two essential components of cybersecurity: red teams (offensive) and blue teams (defensive). The idea is that these teams, which traditionally operate independently, can work together…
Checkmarx Jenkins Plugin Compromised: An Urgent Call for Security Vigilance Background: The Rise of Software Supply Chain Attacks In recent years, software supply chain attacks have emerged as a significant threat to organizations worldwide. These incidents typically involve compromising a legitimate software component to infiltrate target systems, leading to data breaches, operational disruptions, and even…
AI-Driven Threats: The Emergence of Zero-Day Exploits in Cybersecurity Background and Context The cybersecurity landscape is undergoing a seismic shift as artificial intelligence (AI) technologies evolve and become more accessible. Recent findings from the Google Threat Intelligence Group (GTIG) reveal the alarming emergence of a zero-day exploit likely generated using AI, targeting a widely used…
Critical Ollama Vulnerability Exposes Process Memory to Remote Attacks Background and Context In an age where cybersecurity threats are increasingly sophisticated, the recent disclosure of a vulnerability in Ollama serves as a stark reminder of the ongoing risks that organizations face. The flaw, tracked as CVE-2026-7482 and dubbed “Bleeding Llama” by the cybersecurity firm Cyera,…
Hackers Exploit Google Ads and Claude.ai Chats to Distribute Mac Malware Overview of the Malvertising Campaign Recent reports indicate that attackers are leveraging Google Ads alongside legitimate Claude.ai shared chats to execute a sophisticated malvertising campaign targeting Mac users. Individuals searching for “Claude mac download” may unknowingly encounter sponsored links that disrupt their search intent,…
Fake OpenAI Repository on Hugging Face Distributes Infostealer Malware Background and Context The recent discovery of a malicious repository on the Hugging Face platform has raised alarms in the cybersecurity community. This repository, which masqueraded as OpenAI’s “Privacy Filter” project, successfully infiltrated the trending list of Hugging Face, a popular platform known for its machine…