Socket Firewall
-
Researchers find 175 npm packages used to host phishing infrastructure in ‘Beamglea’ campaign
Researchers say 175 npm packages were used to host redirect scripts and HTML payloads for a credential-phishing campaign called Beamglea that has been downloaded about 26,000 times and targeted more than 135 companies worldwide.
-
SonicWall says unauthorized party accessed cloud firewall backup files
SonicWall said an unauthorized party accessed firewall configuration backup files stored in its cloud for all customers who used the cloud backup service; the files contain encrypted credentials and the company is urging users to check accounts and follow containment and remediation guidance.
-
Malicious PyPI package ‘soopsocks’ acted as SOCKS5 proxy and Windows backdoor, researchers say
Researchers say a PyPI package called soopsocks posed as a SOCKS5 proxy but included Windows backdoor capabilities, downloaded 2,653 times before removal; analysis attributes reconnaissance, privilege elevation, firewall changes and data exfiltration to a compiled executable and accompanying scripts.
