API

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems – Go Health Pro

by
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems – Go Health Pro

Apr 19, 2025Ravie LakshmananLinux / Malware Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below – According to supply chain security firm Socket, the packages are designed to mimic node-telegram-bot-api, … Read more

News alert: YRIKKA’s ‘Red Teaming’ API advances AI safety, reliability in high-stakes applications – Go Health Pro

by
News alert: YRIKKA’s ‘Red Teaming’ API advances AI safety, reliability in high-stakes applications – Go Health Pro

New York, NY, Apr. 3, 2025 — YRIKKA has released the first publicly available API for agentic red teaming of Visual AI assets. This release comes at the heels of YRIKKA successfully raising its pre-seed funding round of $1.5M led by Focal and Garuda Ventures. The company was founded by Dr. Kia Khezeli (CEO) and … Read more

12K hardcoded API keys and passwords found in public LLM training data – Go Health Pro

by
12K hardcoded API keys and passwords found in public LLM training data – Go Health Pro

Roughly 12,000 hardcoded live API keys and passwords were found on Common Crawl, a large dataset used to train LLMs such as DeepSeek.Security pros say hardcoded credentials are dangerous because hackers can more easily exploit them to gain access to sensitive data, systems, and networks. The threat actor in this case practiced LLMJacking, in which cybercriminals … Read more

FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux – Go Health Pro

by
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux – Go Health Pro

Feb 13, 2025Ravie LakshmananMalware / Cyber Espionage Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it … Read more

BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key – Go Health Pro

by
BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key – Go Health Pro

Feb 01, 2025Ravie LakshmananVulnerability / Zero-Day BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to … Read more