Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access.

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

New York Yankees and Rangers fans at high risk of password breach, with millions hacked, new study reveals

New York sports fans might want to switch up their passwords. A new study from Duelbits revealed that millions of sports fans ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
PCMag

I Asked AI to Generate Passwords. They're So Bad, It's Scary

You would think AI could create secure, random, and strong passwords, but that's not actually true. In many cases, ...