Researchers at web security firm Websense on Monday warned Facebook users to be on the lookout for a phishing email that attempts to trick them into believing their password was reset, which could lead to their PC being hit with a trojan. The bogus messages, which have been spoofed to make it look like they are coming from Facebook, falsely inform recipients that their password has been changed due to safety concerns. They are encouraged to click on a ZIP attachment to view their new password. However, that file actually contains a poorly detected executable that installs additional malware on the victim's computer and joins it as part of the Bredolab botnet. -- DK
Seventy-four percent of codebases had high-risk open source vulnerabilities last year, representing a significant increase over the 48% of those with exploited flaws, proof-of-concept exploits, and remote code execution issues in 2022.