The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Aurora Mobile Debuts Modellix: A Unified Gateway for Next-Gen AI Media Generation

Aurora Mobile Limited (NASDAQ: JG) (“Aurora Mobile” or the “Company”), a leading provider of customer engagement and ...

ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
How-To Geek on MSN

Stop writing complex API code: 6 one-liners that do the heavy lifting for you

Quick and simple solutions, thanks to the internet.
CSO Online

Security lapse lets researchers view React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...