Cyber criminals have executed a malware attack using the Godot Gaming Engine, according to Check Point Research. The attackers used malicious GDScript code to deploy malware to over 17,000 devices via a “GodLoader”. Targets were tricked into downloading and executing the malware loader, thinking they were accessing cracks for paid software. The attack was distributed via the Stargazers Ghost Network, a malware-as-a-service platform that used 200 fake GitHub repositories.
Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks
New research has uncovered Docker images on Docker Hub that contain the infamous XZ Utils backdoor, more than a year after the discovery of the
