Ax Sharma
Author Bio
Ax Sharma is an Indian-origin British security researcher and journalist focused on malware analyses and cybercrime investigations. His areas of expertise include open source software security, threat intel analysis, and reverse engineering. Frequently featured by leading media outlets like the BBC, Channel 5, Fortune, WIRED, among others, Ax is an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
Send any tips via email or Twitter DM.
-
Twitter's bot spam keeps getting worse — it's about porn this time
Forget crypto spam accounts, Twitter's got another problem which involves bots and accounts promoting adult content and infiltrating Direct Messages and interactions on the platform. And there doesn't seem to be an easy solution in sight.
- July 02, 2023
- 11:05 AM
-
5
-
PyPI temporarily pauses new users, projects amid high volume of malware
PyPI, the official third-party registry of open source Python packages has temporarily suspended new users from signing up, and new projects from being uploaded to the platform until further notice. The unexpected move comes amid the registry's struggle to upkeep with a large influx of malicious users and packages
- May 20, 2023
- 09:19 PM
-
0
-
npm packages caught serving TurkoRAT binaries that mimic NodeJS
Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan.
- May 20, 2023
- 09:06 AM
-
0
-
Airline exposes passenger info to others due to a 'technical error'
airBaltic, Latvia's flag carrier has acknowledged that an 'internal technical error' exposed reservation details of some of its passengers to other airBaltic passengers.
- May 15, 2023
- 11:04 AM
-
0
-
Kingston's SSD firmware has Coldplay lyrics hidden within it
What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it.
- May 10, 2023
- 10:13 AM
-
2
-
QR codes used in fake parking tickets, surveys to steal your money
As QR codes continue to be heavily used by legitimate organizations—from Super Bowl advertisements to enforcing parking fees and fines, scammers have crept in to abuse the very technology for their nefarious purposes. A woman in Singapore reportedly lost $20,000 after using a QR code to fill out a "survey" at a bubble tea shop.
- May 08, 2023
- 11:32 AM
-
0
-
Researcher hijacks popular Packagist PHP packages to get a job
A researcher hijacked over a dozen Packagist packages—with some having been installed hundreds of millions of times over the course of their lifetime. The researcher reached out to BleepingComputer stating that by hijacking these packages he hopes to get a job. And, he seems pretty confident that this would work.
- May 03, 2023
- 11:30 AM
-
1
-
Major UK banks including Lloyds, Halifax, TSB hit by outages
Websites and mobile apps of Lloyds Bank, Halifax, TSB Bank, and Bank of Scotland have experienced web and mobile app outages today leaving customers unable to access their account balances and information.
- April 28, 2023
- 04:48 AM
-
1
-
Yellow Pages Canada confirms cyber attack as Black Basta leaks data
Yellow Pages Group, a Canadian directory publisher has confirmed to BleepingComputer that it has been hit by a cyber attack. Black Basta ransomware and extortion gang claims responsibility for the attack and has posted sensitive documents and data over the weekend.
- April 24, 2023
- 03:22 AM
-
0
-
University websites using MediaWiki, TWiki hacked to serve Fortnite spam
Websites of multiple U.S. universities are serving Fortnite and 'gift card' spam. Researchers observed Wiki and documentation pages being hosted by universities including Stanford, MIT, Berkeley, UMass Amherst, Northeastern, Caltech, among others, were compromised.
- April 21, 2023
- 04:35 AM
-
0
-
IRS-authorized eFile.com tax return software caught serving JS malware
eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript malware.
- April 04, 2023
- 05:00 AM
-
0
-
DISH slapped with multiple lawsuits after ransomware cyber attack
Dish Network has been slapped with multiple class action lawsuits after it suffered a ransomware incident that was behind the company's multi-day "network outage." The legal actions aim to recover losses faced by DISH investors who were adversely affected by what has been dubbed a "securities fraud."
- April 01, 2023
- 06:39 AM
-
2
-
GitHub.com rotates its exposed private SSH key
GitHub has rotated its private SSH key for GitHub.com after the secret was was accidentally published in a public GitHub repository. The software development and version control service says, the private RSA key was only "briefly" exposed, but that it took action out of "an abundance of caution."
- March 24, 2023
- 04:33 AM
-
0
-
City of Toronto confirms data theft, Clop claims responsibility
City of Toronto is among Clop ransomware gang's latest victims hit in the ongoing GoAnywhere hacking spree. Other victims listed alongside the Toronto city government include UK's Virgin Red and the statutory corporation, Pension Protection Fund.
- March 23, 2023
- 05:05 PM
-
0
-
Clop ransomware claims Saks Fifth Avenue, retailer says mock data stolen
The Clop ransomware gang claims to have attacked Saks Fifth Avenue on its dark web leak site. Saks admits the incident is linked to the ongoing GoAnywhere MFT software exploits but states that no real customer data was stolen.
- March 21, 2023
- 05:25 AM
-
1
0
