Tech News

Researchers find a PyPI Package that Drops File-less Cryptominer to systems

Researchers find a PyPI Package that Drops File-less Cryptominer to systems

Researchers have found a new PyPI package named ‘secretslib‘ that drops file-less crypto-miner to the memory of Linux machine systems. The package in question (now gone from the PyPI) was named “secretslib” which “describes itself as ‘secrets matching and verification made easy’,” according to Sonatype Researchers Who have found it. It achieves this by executing a Linux …

Researchers find a PyPI Package that Drops File-less Cryptominer to systems Read More »

9,000 VNC servers are at risk of being exposed online

9,000 VNC servers are at risk of being exposed online

Security Researchers have discovered at least 9,000 exposed VNC (virtual network computing) servers that can be exposed online due to not using any authentication. It will allow threat actors to easily access their internal networks. Virtual Network Computing is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol to remotely control another computer. …

9,000 VNC servers are at risk of being exposed online Read More »

Xiaomi Phones are Vulnerable to Forged Payments

Xiaomi Phones are Vulnerable to Forged Payments

Security researchers of CheckPoint found the payment system built into Xiaomi smartphones powered by MediaTek chips is Vulnerable to Forged Payments.  From the analysis, they identified vulnerabilities that can allow the forging of payment packages or disabling the payment system directly from an unprivileged Android application. Vulnerabilities have been identified in Xiaomi Redmi Note 9T …

Xiaomi Phones are Vulnerable to Forged Payments Read More »