Weekly our experts select relevant news in the cybersecurity industry. Over the last two weeks, we saw the “Abuse of Telegram bots for credential phishing increased 800% in 2022”, “Bad Paths & The Importance of Using Valid URL Characters” and much more.

For more articles, check out our #onpatrol4malware blog.

Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”

Source: Fortinet

All three were published by the same author, ‘Lolip0p’, as shown in the official PyPI repository. ‘Lolip0p’ joined the repository close to the publish date. Read more.

Abuse of Telegram bots for credential phishing increased 800% in 2022

Source: SC Media

A report released this week by Cofense finds that while Telegram bots being used to exfiltrate information is not new, it has not been commonly used by threat actors in the past for credential phishing. Read more.

Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms

Source: CISA

An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms. Read more.

Microsoft ends extended support for Windows 7 and Windows Server 2008 today

Source: MalwareBytes LABS

Time has finally run out for Windows 7 Professional and Enterprise users. Microsoft will stop providing its Extended Security Updates (ESU) program for the OS version today, January 10. Read more.

Microsoft Releases January 2023 Security Updates

Source: CISA

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to take control of an affected system. Read more.

Bad Paths & The Importance of Using Valid URL Characters

Source: Sucuri

In this post I’ll be summarizing OWASP best practices and rfc3986 documentation to describe what a bad path is, why you should use valid URL characters, and how to properly encode characters to avoid problems. Read more.

StrongPity espionage campaign targeting Android users

Source: welivesecurity

ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version. Read more.