#typosquatting

[ follow ]
#supply-chain #npm #zendesk-impersonation #helpdesk-ticket-fraud #rat-deployment #phishing #zendesk
Information security
fromTheregister
1 week ago

Scattered Lapsus$ Hunters stress testing Zendesk weak spots

Scattered Lapsus$ Hunters–style attackers are impersonating Zendesk portals using typosquatted domains and weaponized helpdesk tickets to steal credentials and deploy RATs.
Information security
fromIT Pro
1 week ago

The Scattered Lapsus$ Hunters group is targeting Zendesk customers - here's what you need to know

Scattered Lapsus$ Hunters is running a Zendesk-targeted phishing campaign using typosquatted domains, fake SSO portals, and fraudulent tickets to steal credentials and deliver malware.
#supply-chain
more#supply-chain
Information security
fromThe Hacker News
1 month ago

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten malicious npm packages deliver a multi-stage information stealer using obfuscation, fake CAPTCHA, IP fingerprinting, and a 24MB PyInstaller payload targeting Windows, Linux, and macOS.
Information security
fromIT Pro
1 month ago

Hackers are using these malicious npm packages to target developers on Windows, macOS, and Linux systems - here's how to stay safe

Typosquatted npm packages delivered a PyInstaller 24MB infostealer across Windows, macOS, and Linux using multi-layer obfuscation, fake CAPTCHA, and IP fingerprinting.
Information security
fromThe Hacker News
2 months ago

Malicious Rust Crates Steal Solana and Ethereum Keys - 8,424 Downloads Confirmed

Two malicious Rust crates impersonated fast_log to scan source code and exfiltrate Solana and Ethereum private keys to a hardcoded C2 endpoint.
[ Load more ]