Shweta Sharma - Mochiai.blog

KI als AWS-Angriffsturbo

By Shweta Sharma
February 6, 2026

Laterale Bewegung, LLMjacking und GPU-Missbrauch Nachdem sich die Angreifer administrativen Zugriff verschafft hatten, bewegten sie sich lateral über 19 verschiedene AWS-Principals und erstellten neue…

Hugging Face infra abused to spread Android RAT in a large-scale malware campaign

By Shweta Sharma
January 30, 2026

Among the requested permissions are Accessibility Services, screen recording, screen casting, and overlay display rights. Together, these give the malware extensive visibility into user…

Critical RCE bugs expose the n8n automation platform to host‑level compromise

By Shweta Sharma
January 29, 2026

The researchers demonstrated how Python sandbox constraints can be evaded, granting access to system resources that should be off-limits. Urgent need to update Both…

Sicarii ransomware locks your data and throws away the keys

By Shweta Sharma
January 28, 2026

“A Sicarii ransomware represents a nightmare scenario where traditional ransomware response strategies fail entirely,” said Agnidipta Sarkar, chief evangelist at ColorTokens. “As no decryptor…

VoidLink malware was almost entirely made by AI

By Shweta Sharma
January 22, 2026

The researchers identified sprint-style plans, detailed technical specifications, and task breakdowns that appeared to be generated programmatically rather than authored manually. Code comments, architectural…

Contagious Interview turns VS Code into an attack vector

By Shweta Sharma
January 21, 2026

Importantly, the backdoor does not depend on VS Code remaining open. After initial execution, the malicious code can persist independently, meaning closing the IDE…

High-severity bug in Broadcom software enables easy WiFi denial-of-service

By Shweta Sharma
January 13, 2026

A high-severity flaw in Broadcom WiFi chipset software can allow an attacker within radio range to completely knock wireless networks offline by sending a…

CISA flags max-severity bug in HPE OneView amid active exploitation

By Shweta Sharma
January 9, 2026

A max-severity remote code execution (RCE) flaw in HPE’s OneView management platform has been flagged by the Cybersecurity & Infrastructure Security Agency (CISA) for…

Phishing-Angreifer setzen vermehrt auf E-Mail-Routing-Lücken

By Shweta Sharma
January 8, 2026

<p class=” src=”https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2456545813.jpg?quality=50&strip=all&w=1024″ width=”1024″>batjaket – shutterstock.com Das Threat Intelligence Team von Microsoft hat kürzlich festgestellt, dass Angreifer zunehmend komplexe E-Mail-Weiterleitungen und falsch konfigurierte Domain-Spoofing-Schutzmaßnahmen…

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

By Shweta Sharma
January 8, 2026

A now-fixed critical flaw in the jsPDF library could enable attackers to extract sensitive files from enterprise servers and embed them directly into generated…

Load More Posts