Serving the Virginia Shenandoah Valley

News & Insights

Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21, Read More  … Read more

Reddit cites r/WallStreetBets as a risk factor in its IPO filing

As Reddit finally files to go public, the company wrote in its S-1 filing that “meme stock” schemes on r/WallStreetBets could pose a risk to investors. The subreddit r/WallStreetBets, a community of retail traders with 15 million members, describes itself as being “like 4chan found a Bloomberg Terminal.” It’s most well known for coordinating a … Read more

Spyware leak offers ‘first-of-its-kind’ look inside Chinese government hacking efforts

Over the weekend, someone posted a cache of files and documents apparently stolen from the Chinese government hacking contractor, I-Soon. This leak gives cybersecurity researchers and rival governments an unprecedented chance to look behind the curtain of Chinese government hacking operations facilitated by private contractors. Like the hack-and-leak operation that targeted the Italian spyware maker … Read more

Winning wireless with American strengths

Eric Schmidt Contributor Eric Schmidt was the CEO of Google from 2001 to 2011 and executive chairman of Google and its successor company, Alphabet, from 2011 to 2017. America’s infrastructure needs a serious upgrade. That includes the nation’s digital infrastructure — the critical networks underpinning commerce, defense, transport, and public safety.  It sustains innovation power … Read more

Microsoft Releases PyRIT – A Red Teaming Tool for Generative AI

Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to “enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances,” Ram Shankar Siva Kumar, AI red team Read More  ​

Byju’s founder removed by investors in EGM vote

A group of Byju’s investors on Friday voted to remove the edtech group’s founder and chief executive Byju Raveendran and separately filed an oppression and management suit against the leadership at the firm to block the recently launched rights issue in a surreal moment for the startup, once the most valuable in India. At an … Read more

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn

Security experts are warning that a pair of high-risk flaws in a popular remote access tool are being exploited by hackers to deploy LockBit ransomware — days after authorities announced that they had disrupted the notorious Russia-linked cybercrime gang. Researchers at cybersecurity companies Huntress and Sophos told TechCrunch on Thursday that both had observed LockBit … Read more

Researchers Detail Apple’s Recent Zero-Click Shortcuts Vulnerability

Details have emerged about a now-patched high-severity security flaw in Apple’s Shortcuts app that could permit a shortcut to access sensitive information on the device without users’ consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and  Read More  ​

Armenia’s 10web brings AI website-building to WordPress

Generative AI has done an impressive job in improving productivity in a wide range of areas, including website building. There’s no lack of tools that now allow one to generate web designs by simply describing what they want in prompts, including established player Wix and bootstrapped startups like Relume. 10web, a company based out of … Read more