Zscaler highlights security trends challenging developers

Zscaler has released its annual ThreatLabz report, highlighting security challenges that should be on every developer's radar.

The 2024 Mobile, IoT, and OT Threat Report – covering June 2023 to May 2024 – highlights critical vulnerabilities in mobile applications, IoT devices, and operational technology (OT) systems that demand immediate attention from the development community.

One of the most alarming findings is the discovery of over 200 infected applications in...

North Korean hackers target developers with fake job interviews

Cybersecurity researchers at ReversingLabs have uncovered malicious software packages linked to a campaign known as VMConnect, believed to be orchestrated by the North Korean hacking team Lazarus Group. The campaign, first identified in August 2023, uses fake job interviews to lure developers into downloading and executing malicious code.

The latest samples were traced to GitHub projects associated with previous targeted attacks. Researchers were able to identify one compromised...

Roblox developers targeted by year-long malware campaign

A sustained malware campaign targeting Roblox developers through malicious npm packages has been uncovered by Checkmarx security researchers. The attackers are impersonating the popular “noblox.js” library, publishing dozens of packages designed to steal sensitive information and compromise systems.

The campaign, which has been active for over a year, exploits trust in the open-source ecosystem. It particularly targets the Roblox platform, a lucrative target due to its massive...

Hackers are increasingly exploiting packers to spread malware

Cybersecurity researchers from Check Point have uncovered an increasing trend of hackers exploiting commercial packing tools like BoxedApp to conceal and distribute various malware strains. Over the past year, a significant surge in the abuse of BoxedApp products has been observed, particularly in attacks targeting financial institutions and government organisations.

BoxedApp offers a range of commercial packers – including BoxedApp Packer and BxILMerge – which provide...

Sonatype exposes malicious PyPI package ‘pytoileur’

Sonatype has exposed 'pytoileur', a malicious PyPI package designed to download and install trojanised Windows binaries capable of surveillance, establishing persistence, and stealing cryptocurrency. This discovery is part of a broader, months-long "Cool package" campaign aimed at infiltrating the coding community.

Yesterday, an automated malware detection system operated by Sonatype, known as the Sonatype Repository Firewall, flagged a newly published PyPI package called...

Phylum uncovers targeted malware disguised in Python package

Phylum’s cybersecurity experts have detected a malicious payload embedded within a popular Python package on the PyPI repository. The package, named requests-darwin-lite, is an unauthorised variant of the widely-used requests library.

The requests-darwin-lite package was cleverly designed to emulate its legitimate counterpart but included a Go binary concealed within an oversized image file pretending to be a simple logo. This file – a PNG labelled as a sidebar image –...

Google blocked 2M malicious apps from the Play Store in 2023

Google blocked 2.28 million policy-violating apps from being published on the Play Store in 2023, thanks to improved security measures and tighter developer vetting processes. The company rejected or had developers remediate almost 200,000 app submissions to prevent abuse of sensitive permissions like location tracking and SMS access.  

The company says providing a safe and trusted Play Store experience is its top priority, underpinned by principles to "safeguard users",...

PyPI suspends registrations amid malware attack

The Python Package Index (PyPI) has suspended new project creation and user registration to mitigate an ongoing malware upload campaign. This move comes as security researchers at Checkmarx uncovered a campaign involving multiple malicious packages related to the same threat actors.

The attackers are targeting victims through typosquatting attacks, tricking users into installing malicious Python packages through their command-line interface. This multi-stage attack aims to steal...

GitHub suffers from over 100K infected repos

Developers face a major security threat as over 100,000 repositories on GitHub are infected with malicious code.

This resurgence of a malicious repo confusion campaign – detected by Apiiro’s security researchers – has impacted countless developers who unwittingly use repositories they believe to be trusted but are, in fact, compromised.

Similar to dependency confusion attacks – which exploit package managers – repo confusion attacks rely on human error,...

Android finally checks sideloaded apps for malware before installs

In response to growing cyber threats, Google has introduced an update to bolster Android security. This enhancement focuses on strengthening malware detection before app installations, ensuring a safer Android ecosystem.

With this update, Google Play Protect now conducts real-time scans at the code level during the app installation process:

By providing users with immediate feedback about the safety of the apps they are installing, Google empowers its users to make...