Emerging Threat: Detection of Suspicious ‘standalone-framework.js’ File
SGI observed a potentially malicious 'standalone-framework.js' file originating from China. While currently low severity, proactive monitoring is advised.
Emerging Threat: SSH Authorized Key Injection via Compromised Servers
SGI observed a low-severity threat involving potential SSH authorized key injection originating from a compromised server. Immediate action is needed.
Observed Activity: Network Communication from Indonesian IP Address
SGI observed network activity originating from an Indonesian IP address (103.179.27.93) associated with AS149333. The activity involved a file hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b.
SSH Authorized Keys Redirection Exploit Targeting Multiple User Directories
SGI observed an attack targeting SSH authorized keys across various user directories. Threat actors are attempting to gain unauthorized access via SSH.