CapraRAT Spyware Disguised as Popular Apps Threatens Android Users
The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion...
7.1AI Score
Summary The SANnav Management Portal and Global View products are affected due to a Jave SE issue. The affected issue has been addressed and can be resolved by applying the SANnav code level listed below. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968,...
7.4CVSS
7.1AI Score
0.002EPSS
Certain HP PC BIOS Logo Vulnerabilities
Potential security vulnerabilities, known as LogoFAIL, have been reported in the AMI BIOS and the Insyde BIOS used in certain HP PC products, which might allow escalation of privilege, arbitrary code execution, denial of service, information disclosure, and/or data tampering. AMI and Insyde are...
7.8CVSS
7.8AI Score
0.0004EPSS
Intel Chipset Device Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Chipset Device Software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
6.7CVSS
7.1AI Score
0.0004EPSS
Summary Multiple vulnerabilities within WebSphere Application and IBM HTTP Server and Java which is included as part of IBM Tivoli Monitoring (ITM) portal server. have been remediated. Vulnerability Details ** CVEID: CVE-2024-22354 DESCRIPTION: **IBM WebSphere Application Server 8.5, 9.0 and IBM...
7.5CVSS
8.5AI Score
0.001EPSS
AI has since replaced "cryptocurrency" and "blockchain" as the cybersecurity buzzwords everyone wants to hear. We're not getting as many headlines about cryptocurrency miners, the security risks or promises of the blockchain, or non-fungible tokens being referenced on "Saturday Night Live." A...
9.1CVSS
7.2AI Score
0.0004EPSS
A company that helps to authenticate users for big brands had a set of administration credentials exposed online for over a year, potentially allowing access to user identity documents such as driving licenses. As more and more legislation emerges requiring websites and platforms—like gambling...
7.4AI Score
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)
_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...
10CVSS
9.8AI Score
EPSS
software: cfengine 3.21.3 OS: ROSA-CHROME package_evr_string: cfengine-3.21.3-1 CVE-ID: CVE-2021-36756 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is no SSL certificate validation in CFEngine Enterprise. CVE-STATUS: Fixed CVE-REV: To close, execute command: sudo dnf update cfengine CVE-ID:...
6.5CVSS
6.4AI Score
0.001EPSS
The Windows Registry Adventure #3: Learning resources
Posted by Mateusz Jurczyk, Google Project Zero When tackling a new vulnerability research target, especially a closed-source one, I prioritize gathering as much information about it as possible. This gets especially interesting when it's a subsystem as old and fundamental as the Windows registry......
5.5CVSS
6.7AI Score
0.001EPSS
Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2
Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...
7AI Score
AMD Processors February 2024 Security Updates
AMD has informed HP of potential vulnerabilities identified in client platform firmware for some AMD processors, which might allow escalation of privilege, arbitrary code execution, denial of service, and/or information disclosure. AMD is releasing firmware updates to mitigate these...
7.9AI Score
EPSS
Neiman Marcus confirms breach. Is the customer data already for sale?
Luxury retail chain Neiman Marcus has begun to inform customers about a cyberattack it discovered in May. The attacker compromised a database platform storing customers' personal information. The letter tells customers: “Promptly after learning of the issue, we took steps to contain it, including.....
7.5AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
CVE-2024-4197 Avaya IP Office One-X Portal File Upload Vulnerability
An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...
9.9CVSS
7.6AI Score
0.0004EPSS
CVE-2024-4197 Avaya IP Office One-X Portal File Upload Vulnerability
An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...
9.9CVSS
0.0004EPSS
4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree
Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over $71 million in losses to companies. The defendants, Ta Van Tai (aka Quynh Hoa and Bich Thuy), Nguyen Viet Quoc (aka Tien...
7AI Score
Security Advisory 0098 _._CSAF PDF Date: June 25, 2024 Revision | Date | Changes ---|---|--- 1.0 | June 25, 2024 | Initial release The CVE-ID tracking this issue: CVE-2024-4578 CVSSv3.1 Base Score: 8.4 (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) Common Weakness Enumeration: CWE-77 Improper...
8.4CVSS
7AI Score
0.0004EPSS
Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability
Talos Vulnerability Report TALOS-2024-1947 Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability June 25, 2024 CVE Number CVE-2024-21827 SUMMARY A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN....
7.2CVSS
7.8AI Score
0.001EPSS
AMD Client UEFI – Cross-Process Information Leak
AMD has informed HP of a potential security vulnerability identified in some AMD client processors, which might allow information disclosure. AMD released firmware updates to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerability. HP has identified...
5.5CVSS
7AI Score
0.001EPSS
Background Flatpak is a Linux application sandboxing and distribution framework. Description A vulnerability has been discovered in Flatpak. Please review the CVE identifier referenced below for details. Impact A malicious or compromised Flatpak app could execute arbitrary code outside its sandbox....
8.4CVSS
7.7AI Score
0.0004EPSS
ASUS announces major Firmware Update ASUS recently issued a firmware update to resolve a critical security vulnerability affecting seven different variants of its router models. Identified as CVE-2024-3080 with a CVSS v3 severity score of 9.8 (critical), the vulnerability permits remote attackers.....
9.8CVSS
7.8AI Score
0.001EPSS
First million breached Ticketmaster records released for free
The cybercriminal acting under the name "Sp1d3r" gave away the first 1 million records that are part of the data set that they claimed to have stolen from Ticketmaster/Live Nation. The files were released without a price, for free. When Malwarebytes Labs first learned about this data breach, it...
7.2AI Score
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...
5.9CVSS
5.8AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...
4.8CVSS
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...
4.8CVSS
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...
5.9CVSS
5.7AI Score
0.0004EPSS
CVE-2024-35759 WordPress WP Job Portal plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...
5.9CVSS
0.0004EPSS
CVE-2024-35759 WordPress WP Job Portal plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...
5.9CVSS
6.8AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...
5.9CVSS
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...
5.9CVSS
6.8AI Score
0.0004EPSS
8.5AI Score
0.0004EPSS
Fedora 39 : webkitgtk (2024-826bf5a09a)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-826bf5a09a advisory. Update to 2.44.2: * Make gamepads visible on axis movements, and not only on button presses. * Disable the gst-libav AAC decoder. * Make user scripts and...
7.1AI Score
0.0004EPSS
AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2024-0853)
IBM SECURITY ADVISORY First Issued: Thu Jun 20 15:10:42 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/curl_advisory5.asc Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl...
5.3CVSS
6.2AI Score
0.001EPSS
Malicious code in tyk-developer-portal (npm)
-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (9470d0dbad461aef3c32477548b1436fddb07b774a50e7d8aba76571f473eb30) The OpenSSF Package Analysis project identified 'tyk-developer-portal' @ 1.0.0 (npm) as malicious. It is considered malicious because: The...
7.3AI Score
Secure Your Containerized Environments with Qualys Containerized Scanner Appliance (QCSA)
IT has undergone a series of significant shifts over the years, from physical infrastructure to virtual, and how infrastructure was managed and maintained. This shift led IT through the digital transformation era, introducing various types of clouds and “As-a-Service” models. Although...
7AI Score
ViLe Cybercrime Group Members Plead Guilty to Hacking DEA Portal
"ViLe" Hackers Busted! Two men plead guilty to breaching a federal law enforcement portal. Learn about the dangers of cybercrime, doxxing, and how authorities are working to combat these threats. This case highlights the importance of cybersecurity for law enforcement and the consequences for...
7.2AI Score
The Hacking of Culture and the Creation of Socio-Technical Debt
Culture is increasingly mediated through algorithms. These algorithms have splintered the organization of culture, a result of states and tech companies vying for influence over mass audiences. One byproduct of this splintering is a shift from imperfect but broad cultural narratives to a...
6.8AI Score
Warning: Markopolo's Scam Targeting Crypto Users via Fake Meeting Software
A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft. The attack chains involve the use of a purported virtual meeting...
6.4AI Score
AlmaLinux 8 : flatpak (ALSA-2024:3961)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3961 advisory. * flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462) Tenable has extracted the preceding description block directly from the AlmaLinux security...
8.4CVSS
8.5AI Score
0.0004EPSS
AlmaLinux 9 : flatpak (ALSA-2024:3959)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3959 advisory. * flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462) Tenable has extracted the preceding description block directly from the AlmaLinux security...
8.4CVSS
8.5AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xdg-desktop-portal (SUSE-SU-2024:2067-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2067-1 advisory. - CVE-2024-32462: Fix arbitrary code execution outside bwrap sandbox by checking that the first ...
8.4CVSS
8.7AI Score
0.0004EPSS
openSUSE: Security Advisory for xdg (SUSE-SU-2024:2067-1)
The remote host is missing an update for...
8.4CVSS
7.1AI Score
0.0004EPSS
43% of couples experience pressure to share logins and locations, Malwarebytes finds
All isn’t fair in love and romance today, as 43% of people in a committed relationship said they have felt pressured by their own partners to share logins, passcodes, and/or locations. A worrying 7% admitted that this type of pressure has included the threat of breaking up or the threat of...
6.8AI Score