Suspected CoralRaider continues to expand victimology using three information stealers
_By Joey Chen, Chetan Raghuprasad and Alex Karkins._ Cisco Talos discovered a new ongoing campaign since at least February 2024, operated by a threat actor distributing three famous infostealer malware, including Cryptbot, LummaC2 and Rhadamanthys. Talos also discovered a new PowerShell...
8.2AI Score
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE). They called on the industry and governments to take urgent action to ensure public safety across social media platforms....
6.8AI Score
German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects...
6.8AI Score
Gambio Online Webshop 4.9.2.0 Remote Code Execution Exploit
A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an.....
9.8CVSS
10AI Score
0.374EPSS
Debian dsa-5670 : thunderbird - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5670 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...
7.2AI Score
0.0004EPSS
Debian dla-3791 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3791 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...
7.2AI Score
0.0004EPSS
ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft
The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky characterized the adversary as relying on various programs to harvest data on an "industrial scale" from...
6.9AI Score
Wallarm introduced its ongoing Open Source API Firewall project to the world at the recently concluded Blackhat Asia 2024 conference in Singapore. The open-source API Firewall by Wallarm is a free, lightweight API Firewall designed to protect REST and GraphQL API endpoints across cloud-native...
8.1AI Score
ToddyCat is making holes in your infrastructure
We continue covering the activities of the APT group ToddyCat. In our previous article, we described tools for collecting and exfiltrating files (LoFiSe and PcExter). This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts...
7.6AI Score
[SECURITY] [DLA 3791-1] thunderbird security update
Debian LTS Advisory DLA-3791-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 22, 2024 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.10.1-1~deb10u1 CVE...
10AI Score
0.0004EPSS
[SECURITY] [DSA 5670-1] thunderbird security update
Debian Security Advisory DSA-5670-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2024 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2024-2609 CVE-2024-3302...
6.8AI Score
0.0004EPSS
Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities
Summary Multiple security vulnerabilities have been addressed in updates to IBM Security Verify Governance - Identity Manager software component and IBM Security Verify Governance - Identity Manager virtual appliance component. Vulnerability Details ** CVEID: CVE-2023-26119 DESCRIPTION:...
9.8CVSS
10AI Score
0.164EPSS
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1524)
The remote host is missing an update for the Huawei...
6.5CVSS
6.8AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1543)
The remote host is missing an update for the Huawei...
6.5CVSS
6.8AI Score
0.001EPSS
[SECURITY] Fedora 40 Update: curl-8.6.0-8.fc40
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
7.7AI Score
0.0004EPSS
Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID:...
9.8CVSS
9.8AI Score
0.101EPSS
Metasploit Weekly Wrap-Up 04/19/24
Welcome Ryan and the new CrushFTP module It's not every week we add an awesome new exploit module to the Framework while adding the original discoverer of the vulnerability to the Rapid7 team as well. We're very excited to welcome Ryan Emmons to the Emergent Threat Response team, which works...
9.9CVSS
9.8AI Score
0.959EPSS
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the av_malloc function in libavutil/mem.c:105:9...
7.8AI Score
0.0004EPSS
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the av_samples_set_silence function in the libavutil/samplefmt.c:260:9...
7.6AI Score
0.0004EPSS
Tuta Mail (Tutanota) Accuses Google of Censoring Its Search Results
By Deeba Ahmed Shadowboxing in Search Results: Tuta Mail De-ranked and Disappearing on Google! This is a post from HackRead.com Read the original post: Tuta Mail (Tutanota) Accuses Google of Censoring Its Search...
7.3AI Score
How Attackers Can Own a Business Without Touching the Endpoint
Attackers are increasingly making use of "networkless" attack techniques targeting cloud apps and identities. Here's how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services. Before getting into the details...
7.5AI Score
[SECURITY] [DLA 3790-1] firefox-esr security update
Debian LTS Advisory DLA-3790-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 19, 2024 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.10.0esr-1~deb10u1 CVE...
10AI Score
0.0004EPSS
Summary The IBM® Engineering System Design Rhapsody 9.0.1 iFix006 and the IBM® Engineering System Design Rhapsody 9.0.2 iFix002 contain fixes for what was identified as a vulnerability during an OSS scan. These versions contain an upgraded version of guava-28.0-jre.jar (CVE-2020-8908), httpclient-4.0.jar...
9.8CVSS
8.1AI Score
0.129EPSS
EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2024-1524)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : This flaw allows a malicious HTTP server to set 'super cookies' in curl that are then passed back to more origins than what is...
6.5CVSS
7.1AI Score
0.001EPSS
EulerOS Virtualization 2.10.1 : curl (EulerOS-SA-2024-1543)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : This flaw allows a malicious HTTP server to set 'super cookies' in curl that are then passed back to more origins than what is...
6.5CVSS
7.3AI Score
0.001EPSS
Debian dla-3790 : firefox-esr - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3790 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...
7.2AI Score
0.0004EPSS
The device allows an unauthenticated attacker to bypass authentication and modify the cookie to reveal hidden pages that allow more critical operations to the...
7.5CVSS
7.3AI Score
0.0004EPSS
The device allows an unauthenticated attacker to bypass authentication and modify the cookie to reveal hidden pages that allow more critical operations to the...
7.5CVSS
8AI Score
0.0004EPSS
The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become...
8.8CVSS
9.2AI Score
0.0004EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 219 vulnerabilities disclosed in 209...
8.8AI Score
EPSS
tankreinigung24.de Cross Site Scripting vulnerability OBB-3918780
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
(RHSA-2024:1925) Moderate: Migration Toolkit for Containers (MTC) 1.8.3 security and bug fix update
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Security Fix(es) from Bugzilla: axios: exposure of...
7.1AI Score
0.963EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS. This issue affects Backend Designer: from n/a through...
5.9CVSS
6.6AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS. This issue affects Backend Designer: from n/a through...
5.9CVSS
5.7AI Score
0.0004EPSS
CVE-2024-32591 WordPress Backend Designer plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS. This issue affects Backend Designer: from n/a through...
5.9CVSS
6.7AI Score
0.0004EPSS
CVE-2024-32591 WordPress Backend Designer plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS. This issue affects Backend Designer: from n/a through...
5.9CVSS
5.9AI Score
0.0004EPSS
dolibarr/dolibarr is vulnerable to Session Hijacking. The vulnerability is due to inadequate user session management, allowing authenticated attackers to hijack victim users' session cookies and gain access to the CSRF protection tokens through interaction with a malicious web page, consequently...
6.8AI Score
0.0004EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
8AI Score
EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
8.4AI Score
EPSS
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted...
7.2AI Score
0.0004EPSS
FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the...
7.4AI Score
0.0004EPSS
FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted...
7.8AI Score
0.0004EPSS
[SECURITY] [DSA 5663-1] firefox-esr security update
Debian Security Advisory DSA-5663-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2024 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2024-2609 CVE-2024-3302...
6.9AI Score
0.0004EPSS
mont-de-marsan.onvasortir.com Cross Site Scripting vulnerability OBB-3918625
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init...
7.5AI Score
0.0004EPSS