Ax Sharma
Author Bio
Ax Sharma is a Security Researcher and Tech Reporter. His works and expert analyses have frequently been featured by leading media outlets including the BBC, Business Insider, Fortune, TechCrunch, TechRepublic, The Register, WIRED, among others. Ax's expertise lies in vulnerability research, malware analysis, and open source software. He's an active community member of British Association of Journalists (BAJ) and Canadian Association of Journalists (CAJ).
Send any tips via email or Twitter DM.
-
Google ad for GIMP.org served info-stealing malware via lookalike site
Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well known graphics editor, GNU Image Manipulation Program. But clicking on it drove visitors to a lookalike phishing website that provided them with a 700 MB executable disguised as GIMP which was malware.
- November 01, 2022
- 06:48 AM
-
5
-
Hive claims ransomware attack on Tata Power, begins leaking data
Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. In screenshots seen by BleepingComputer, Hive operators are leaking data they claim to have stolen from Tata Power, indicating the ransom negotiations failed.
- October 25, 2022
- 04:49 AM
-
0
-
Google search crashes when you ask "How many emojis on Apple"
Google Search is timing out when users search for specific terms like "How many emojis on iOS," "How many emojis on Apple" and "How many emojis on Windows."
- October 16, 2022
- 03:16 AM
-
0
-
Chase UK's app-only bank hit with 24-hour ongoing outage
Chase UK's ongoing outage has been impacting British customers with a mobile-based current account for well over 24 hours.
- October 05, 2022
- 01:59 PM
-
0
-
npm packages used by crypto exchanges compromised
Multiple npm packages published by the crypto exchange, dYdX, and used by at least 44 cryptocurrency projects, appear to have been compromised. Powered by the Ethereum blockchain, dydX is a decentralized exchange platform offering perpetual trading options for over 35 popular cryptocurrencies including Bitcoin (BTC) and Ether (ETH).
- September 23, 2022
- 12:31 PM
-
0
-
This image shows its own MD5 checksum — and it's kind of a big deal
Generating checksums—cryptographic hashes such as MD5 or SHA-256 functions for files is hardly anything new and one of the most efficient means to ascertain the integrity of a file, or to check if two files are identical. But a researcher has generated an image that visibly contains its own MD5 hash.
- September 23, 2022
- 07:32 AM
-
0
-
Google, Microsoft can get your passwords via web browser's spellcheck
Enhanced Spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively.
- September 17, 2022
- 02:39 PM
-
7
-
3D Printed Steak: Israeli company unveils lab-grown beef chunks
Craving your next serving of steak? These 3D-printed and sumptuous beef morsels may have you surprised. This Israeli company is on a mission to mass produce cultured beef—that is real beef but not sourced from killing a cow, that further undergoes 3D printing.
- September 15, 2022
- 12:48 PM
-
0
-
Gay hookup site typosquatted to push dodgy Chrome extensions, scams
Gay hookup and cruising web app Sniffies is being impersonated by opportunistic threat actors hoping to target the website's users with many typosquatting domains that push scams and dubious Google Chrome extensions. In some cases, these illicit domains launch the Apple Music app prompting users to buy a subscription.
- September 14, 2022
- 02:15 PM
-
0
-
Dotless domains: Home to the Internet’s shortest URLs
You may be familiar with some of the shortest internet domains used by major companies, such as m.me and fb.me from Facebook (Meta) and Twitter's t.co URL shortener. But, it's possible for live domain names to be even shorter than these choices—and contain no dots.
- September 12, 2022
- 12:25 PM
-
2
-
PyPI packages hijacked after developers fall for phishing emails
A phishing campaign caught yesterday was seen targeting maintainers of Python packages published to the PyPI registry. Python packages 'exotel' and 'spam' are among hundreds seen laced with malware after attackers successfully compromised accounts of maintainers who fell for the phishing email.
- August 25, 2022
- 07:18 AM
-
0
-
Fake Chrome extension 'Internet Download Manager' has 200,000 installs
Google Chrome extension 'Internet Download Manager' installed by more than 200,000 users is adware. The extension has been sitting on the Chrome Web Store since at least June 2019, according to the earliest reviews posted by users.
- August 24, 2022
- 05:45 AM
-
0
-
SpaceX Starlink 'train' of satellites illuminates Northwest skies
Residents of Northwestern parts of the U.S. and Canada were baffled at seeing a bright trail of lights—almost like a train flying through the skies over the weekend. The mystery seems to have now been resolved. And, it's not the aliens. This moving cluster comprises SpaceX's 53 Starlink satellites launched from Florida this Friday.
- August 22, 2022
- 12:47 PM
-
4
-
An encrypted ZIP file can have two correct passwords — here's why
Password-protected ZIP archives are common means of compressing and sharing sets of files—from sensitive documents to malware samples to even malware (phishing "invoices" in emails). But, did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome on extraction?
- August 21, 2022
- 12:27 PM
-
0
-
241 npm and PyPI packages caught dropping Linux cryptominers
More than 200 malicious packages were discovered infiltrating the PyPI and npm open source registries this week. These packages are largely typosquats of widely used libraries and each one of them downloads a Bash script on Linux systems that run cryptominers.
- August 19, 2022
- 04:11 PM
-
0
