Python packages caught using DLL sideloading to bypass security

ReversingLabs researchers have uncovered Python packages using DLL sideloading to bypass security tools.

On 10 January 2024, Karlo Zanki, a reverse engineer at ReversingLabs, stumbled upon two suspicious packages on the Python Package Index (PyPI). These packages – named NP6HelperHttptest and NP6HelperHttper – were found to be utilising DLL sideloading, a known technique used by malicious actors to execute code discreetly and evade detection by security tools.

This...

Apple is killing web apps in the EU

Apple is ending support for progressive web apps (PWAs) for iPhone users within the EU, stirring concern among developers and users alike. This decision comes as a definitive blow to the accessibility and functionality of web-based applications on Apple devices.

The move to discontinue web app support has been apparent in each iteration of the iOS 17.4 beta, with users experiencing persistent issues. However, Apple has now clarified that this is deliberate.

In an update...

OpenText unveils next-gen cybersecurity auditing technology

OpenText has unveiled the second generation of its advanced cybersecurity auditing technology called Fortify Audit Assistant—aiming to help developers build more secure software amid rising threats and complexity in multi-cloud environments.

The key upgrade is the use of predictive analytics and machine learning to emulate human security auditors. By learning from 10 years of human expert data, the new Fortify Audit Assistant significantly improves accuracy and reduces false...

GitHub rotates credentials following vulnerability discovery

GitHub has rotated encryption keys following the discovery of a vulnerability that could have enabled threat actors to steal credentials, the company revealed Tuesday.

The Microsoft-owned firm said it first became aware of the high-severity security flaw tracked as CVE-2024-0200 on 26 December 2023. After investigating the issue and verifying there was no evidence it had been exploited in attacks, GitHub moved swiftly to rotate potentially exposed keys the same day as a...

PHP 8.0 reaches EOL leaving some websites vulnerable

PHP 8.0 reached its end of life (EOL) on 26 November 2023 and will no longer receive any updates or patches.

PHP 8.0 was released on 26 November 2020 and brought many new features and improvements such as named arguments, attributes, constructor property promotion, match expression, nullsafe operator, JIT, and more.

The EOL of PHP 8.0 means that any websites still using it will be exposed to potential security risks and compatibility issues if they do not upgrade to a...

Checkmarx uncovers persistent Python package threat

Checkmarx has uncovered a threat actor that has been quietly infiltrating the open-source ecosystem for nearly six months, planting malicious Python packages with a focus on deception and financial gain.

The malicious actor employed a systematic approach, disguising their packages with names closely resembling popular legitimate Python packages. These decoy packages, camouflaged to blend in, successfully garnered thousands of downloads. The malicious payload, embedded within the...

AI coding assistants: A double-edged sword for DevOps in 2024

A growing reliance on AI-powered coding assistants is reshaping how DevOps teams operate, for better or worse.

According to Forrester's 2024 cybersecurity, risk, and privacy predictions, AI coding assistants are becoming integral to boosting productivity. However, a cautionary note accompanies this technological shift, as Forrester warns of potential pitfalls that could lead to cybersecurity breaches.

Forrester predicts that the combination of inconsistent compliance and...

Wallarm highlights disturbing trends in API security threats

Wallarm has released its Q3 2023 API ThreatStats report, which sheds light on the escalating threats targeting APIs and reveals vulnerabilities that have impacted industry giants such as Netflix, VMware, and SAP.

The report's revamped ‘Top 10 API Security Threats’ compilation outlines 239 vulnerabilities discovered during the quarter, with injections taking the lead.

Injections involve inserting malicious data or code into APIs, leading to unauthorised access and...

State of Java: Resilience amid licensing changes and security concerns

Azul has unveiled its first annual State of Java Survey & Report, which offers a deep exploration of the Java landscape.

The study – based on responses from over 2,000 Java users worldwide – aims to provide unparalleled insights into Java's current standing, particularly its influence on enterprises of various sizes.

Java's ubiquity and vital role

The report underscores Java's pervasive presence, with a staggering 98 percent of businesses surveyed utilising...

Android finally checks sideloaded apps for malware before installs

In response to growing cyber threats, Google has introduced an update to bolster Android security. This enhancement focuses on strengthening malware detection before app installations, ensuring a safer Android ecosystem.

With this update, Google Play Protect now conducts real-time scans at the code level during the app installation process.

By providing users with immediate feedback about the safety of the apps they are installing, Google empowers its users to make...