Publications & Analyses
Argus Flow releases, platform announcements, press updates, and cybersecurity analyses.
Weekly Cybersecurity Recap: Chrome 0-Days, Router Botnets, and AWS Breach
This week's cybersecurity developments highlight critical 0-day vulnerabilities discovered in Chrome, a surge in router botnets, and a data breach affecting AWS. The misuse of AI agents is also emerging as a concerning trend.
GlassWorm Attack: Malware Injected into Python Repositories Using Stolen GitHub Tokens
The advanced threat group GlassWorm has leveraged stolen GitHub access tokens to inject malware into the code repositories of Python projects. The attack is expected to have a widespread impact. The full scope of affected projects and data is still being determined.
CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability in Wing FTP servers that is being actively exploited. This flaw allows attackers to obtain server path information, potentially leading to deeper system compromises.
LeakNet Ransomware Spreads via ClickFix Through Hacked Websites
Cybersecurity researchers have found that LeakNet ransomware spreads through hacked websites and a tool called ClickFix. This novel method allows the ransomware to deploy in memory, making it harder to detect.
Speagle Malware Hijacks Cobra DocGuard to Steal Data
A new malware strain named Speagle has been observed exploiting Cobra DocGuard, a document management and collaboration platform, to steal data via compromised servers. The extent of the data breach and the specific types of stolen information are still under investigation.
Trivy Security Scanner GitHub Actions Compromised, 75 Tags Hijacked
The Trivy Security Scanner's GitHub Actions integration experienced a security breach. Attackers hijacked 75 Git tags to potentially steal CI/CD secrets from affected users. This incident highlights supply chain attack risks in automated development workflows.
Citrix NetScaler Critical Flaw: Unauthenticated Data Leaks Possible
Citrix has issued an urgent call to patch a critical vulnerability in its NetScaler products. This flaw allows for unauthenticated data leaks, potentially exposing corporate information. The specific number of affected records and types of data compromised have not yet been disclosed.
Did Lapsus$ Hack AstraZeneca? Extortion Group Claims Major Data Breach!
The notorious extortion group Lapsus$ has claimed responsibility for a significant cyberattack on pharmaceutical giant AstraZeneca. The hackers allegedly compromised internal code repositories, credentials, and employee data. The potential ramifications of this breach are a major concern.
Dutch Ministry of Finance Hit by Cyberattack: Employee Data Compromised?
The Dutch Ministry of Finance has confirmed a cyberattack that breached some of its systems last week. The incident has reportedly affected employee information.
Fake Resumes Unleash Cyber Threat: Enterprise Credentials Stolen, Crypto Miners Deployed!
A sophisticated phishing campaign is targeting French-speaking corporate environments using deceptive fake resumes. The attackers aim to steal enterprise credentials and deploy cryptocurrency miners and information stealers.
Mirra Health Data Breach: Thousands of Florida Medicare Members' Sensitive Information Exposed Overseas!
Mirra Health jeopardized the safety of thousands of Floridians by sharing their sensitive health data with unauthorized overseas companies. State investigators found the company sent private medical information to unlicensed firms in India and the Philippines.
Massive Data Breach: TeamPCP Compromises Popular Python Package LiteLLM!
The cybersecurity world is in shock as the notorious TeamPCP threat actor has compromised two versions of the widely-used Python package, LiteLLM. These compromised versions contain a credential harvester and a persistent backdoor.