Month: October 2024
Oct 31, 2024Ravie LakshmananCryptocurrency / Software Development LottieFiles has revealed that its npm package “lottie-player” was compromised as part of a supply chain attack, prompting it to release an updated version of the library. “On October 30th ~6:20 PM UTC – LottieFiles were notified that our popular open source npm package for the web player…
Read More
The popular LottieFiles Lotti-Player project was compromised in a supply chain attack to inject a crypto drainer into websites using the library that steals visitors’ cryptocurrency. Blockchain threat monitoring platform Scam Sniffer reports that at least one victim allegedly lost $723,000 worth of Bitcoin due to the LottieFiles supply chain compromise. As discovered yesterday, following multiple…
Read More
Cost savings and business benefits were quantified in “The Total Economic Impact™ of Cynet All-in-One Security,” a commissioned study conducted by Forrester Consulting on behalf of Cynet in October 2024. The Total Economic Impact™ Study framework helps organizations understand the financial effects of their strategic technology investments. Based on interviewed customers with experience using Cynet, Forrester found…
Read More
A phishing campaign dubbed ‘Phish n’ Ships’ has been underway since at least 2019, infecting over a thousand legitimate online stores to promote fake product listings for hard-to-find items. Unsuspecting users clicking on those products are redirected to a network of hundreds of fake web stores that steal their personal details and money without shipping…
Read More
“The addition of Altair’s capabilities in simulation, high performance computing, data science, and artificial intelligence together with Siemens Xcelerator will create the world’s most complete AI-powered design and simulation portfolio,” said Roland Busch, President and CEO of Siemens AG. Software star Altair is being acquired by Siemens for a whopping $10.6 billion which Siemens says…
Read More
The Microsoft AI business overall is on track to become the ‘fastest business in our history’ to reach a $10 billion annual revenue run rate, CEO Satya Nadella said during the tech giant’s quarterly call Wednesday. Microsoft is continuing to generate rapid growth with its portfolio of AI offerings with Copilot seeing strong adoption and…
Read More
Oct 31, 2024The Hacker NewsIdentity Security / Browser Security In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as “the new perimeter”, the identity stands between safe data management and potential breaches. However, a new report reveals how enterprises are often unaware of how their identities…
Read More
Oct 31, 2024Ravie LakshmananVulnerability / Website Security A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions. The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin. “The plugin…
Read More
LottieFiles announced that specific versions of its npm package carry malicious code that prompts users to connect their cryptocurrency wallets so they can be emptied. As discovered yesterday, following multiple user reports about strange code injections, the affected versions are Lottie Web Player (“lottie-player”) 2.0.5, 2.0.6, and 2.0.7, all published yesterday. LottieFiles quickly released a…
Read More
Cybercrime You may not always stop your personal information from ending up in the internet’s dark recesses, but you can take steps to protect yourself from criminals looking to exploit it 29 Oct 2024 • , 6 min. read How did 44% members of the European Parliament (MEPs) and 68% of British MPs let their…
Read More