QINGLONG TASK SCHEDULER UNDER ATTACK FOR CRYPTOMINING
■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE
Hackers are actively exploiting authentication bypass vulnerabilities in Qinglong, an open-source task scheduling tool, to deploy cryptominers on developer servers. The attacks target two separate RCE flaws in the platform.
■ MORE FROM THE SECURITY DESK
Microsoft has released a patch for a zero-day vulnerability in Windows Defender that could allow attackers to exhaust hard disk space. The flaw was discovered and reported by security researcher NightmareEclipse.
A software defect from 2006 triggered a cascading network failure that knocked out Telstra's national phone service Wednesday morning. The bug, related to daylight savings time processing, created a 'digital domino chain' that locked customers out across the country.
The EU Parliament is advancing legislation that would require tech companies to scan for child sexual abuse material (CSAM), reviving a proposal rejected in March. End-to-end encrypted services like WhatsApp would be exempt from the requirements.
Hackers compromised the Injective Labs SDK repository on GitHub and published a malicious package to npm that steals cryptocurrency wallet private keys and seed phrases from developers.