An educational robot security research
In the modern world, we are surrounded by a multitude of smart devices that simplify our daily lives: smart speakers, robotic vacuum cleaners, automatic pet feeders and even entire smart homes. Toy manufacturers are striving to keep up with these trends, releasing more and more models that can...
8.1AI Score
TimbreStealer campaign targets Mexican users with financial lures
Cisco Talos has discovered a new campaign operated by a threat actor distributing a previously unknown malware we're calling "TimbreStealer." This threat actor was observed distributing TimbreStealer via a spam campaign using Mexican tax-related themes starting in at least November 2023. The...
7.8AI Score
Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub
An "intricately designed" remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it easily accessible to other actors at no extra cost. Written in C# and compatible with Windows 10 and Windows 11 operating systems, the open-source RAT comes with a "comprehensive set...
7.5AI Score
Android banking trojans: How they steal passwords and drain bank accounts
For the most popular operating system in the world—which is Android and it isn’t even a contest—there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. These are “Android banking trojans,” and, according to our 2024 ThreatDown State...
7.5AI Score
Kirby vulnerable to Cross-site scripting (XSS) in the link field "Custom" type
TL;DR This vulnerability affects Kirby sites that use the new link field and output the entered link without additional validation or sanitization. The attack commonly requires user interaction by another user or visitor. The link dialog of the writer field is not affected as the writer field...
4.6CVSS
5.7AI Score
0.0004EPSS
Kirby vulnerable to Cross-site scripting (XSS) in the link field "Custom" type
TL;DR This vulnerability affects Kirby sites that use the new link field and output the entered link without additional validation or sanitization. The attack commonly requires user interaction by another user or visitor. The link dialog of the writer field is not affected as the writer field...
4.6CVSS
5.7AI Score
0.0004EPSS
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious...
6.5CVSS
6.5AI Score
0.0004EPSS
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious...
6.5CVSS
6.5AI Score
0.0004EPSS
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious...
6.5CVSS
7.4AI Score
0.0004EPSS
CVE-2024-0387 EDS-4000/G4000 Series IP Forwarding Vulnerability
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious...
6.5CVSS
6.7AI Score
0.0004EPSS
SVR Cyber Actors Adapt Tactics for Initial Cloud Access
How SVR-Attributed Actors are Adapting to the Move of Government and Corporations to Cloud Infrastructure OVERVIEW This advisory details recent tactics, techniques, and procedures (TTPs) of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes, or Cozy Bear. The UK National....
7.6AI Score
The mobile malware threat landscape in 2023
The figures above are based on detection statistics received from Kaspersky users who consented to sharing usage data with Kaspersky Security Network. The data for years preceding 2023 may differ from that published previously, as the calculation methodology was refined, and the data was...
7.4AI Score
SMS Alert Order Notifications – WooCommerce < 3.7.0 - Cross-Site Request Forgery
Description The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.9. This is due to missing or incorrect nonce validation on the processBulkAction function. This makes it possible for...
4.3CVSS
6.6AI Score
0.0004EPSS
Deepfake Threat: $2 Deceptive Content Undermines Election Integrity
By Deeba Ahmed In 2024, over 60 countries worldwide are holding elections. The most significant threat to the integrity of these elections? Deepfake videos, readily accessible on the dark web and Telegram, with prices ranging from as low as $2 to $100. This is a post from HackRead.com Read the...
7.3AI Score
TikTok’s latest actions to combat misinformation shows it’s not just a U.S. problem
When we talk about the term "fake news," most people likely picture a certain person who made the term infamous. And when we talk about misinformation and disinformation, many will remember the "Russian troll farms" that popped up during the 2016 U.S. presidential election and were unmasked and...
6.9AI Score
Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage
Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses...
8.4AI Score
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 78 vulnerabilities disclosed in 63...
10CVSS
9.2AI Score
0.001EPSS
dav1d is vulnerable of integer overflow. The vulnerability due to improper memory allocation in dav1d AV1 decoder that can occur when decoding videos with large frame size. it could indeed lead to memory corruption and pose a security...
5.9CVSS
6.9AI Score
0.0005EPSS
Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private
End-to-end encrypted (E2EE) messaging app Signal said it's piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. "If you use Signal, your phone number will no longer be visible to everyone you...
9.8CVSS
9.6AI Score
0.074EPSS
View transitions: Handling aspect ratio changes
This post assumes some knowledge of view transitions. If you're looking for a from-scratch intro to the feature, see this article. When folks ask me for help with view transition animations that "don't quite look right", it's usually because the content changes aspect ratio. Here's how to handle...
7.4AI Score
7.4AI Score
0.0004EPSS
OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation Vulnerabilities
OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting...
6.3AI Score
0.0004EPSS
The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.9.8 due to insufficient input...
6.4CVSS
5.8AI Score
0.0004EPSS
The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Calendar Widget Link in all versions up to, and including, 3.9.8 due to insufficient input.....
6.4CVSS
5.8AI Score
0.0004EPSS
New Migo Malware Targeting Redis Servers for Cryptocurrency Mining
A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves the use of a number of novel system weakening techniques against the data store itself," Cado...
9.8CVSS
7.4AI Score
0.074EPSS
Wyze cameras show the wrong feeds to customers. Again.
Last September, we wrote an article about how Wyze home cameras temporarily showed other people’s security feeds. As far as home cameras go, we said this is absolutely up there at the top of the “things you don’t want to happen” list. Turning your customers into Peeping Tom against their will and.....
7.4AI Score
Novel Smishing Kit Leverages Cloud Platform
Summary: SNS Sender, a malicious Python script that leverages AWS SNS for mass SMS spamming, presents a novel approach to cloud-based attack tools, particularly in the area of smishing. The ARDUINO_DAS threat actor is linked to the operation that uses this cloud capability to send out a lot of...
6.8AI Score
November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715)
November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715) UPDATED 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise, Education, IoT Enterprise, and Enterprise multi-session.....
9.8CVSS
8.2AI Score
0.57EPSS
Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative
Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023. This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U.S., phishing campaigns...
9.8CVSS
9.4AI Score
0.074EPSS
This Week in Spring - February 20th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you this fine 20th of February, 2024? I'm doing alright on this rainy 20th of Feburary here in San Francisco, and I hope you are too! We've got a ton of things to get into this week so let's dive right into it! Have...
7.2AI Score
WP SMS < 6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 6.3.4 due to insufficient input sanitization and output escaping....
5.6AI Score
0.0004EPSS
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of...
9.8CVSS
9.6AI Score
0.074EPSS
dav1d AV1 decoder integer overflow
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading to version 0.7.0 of libdav1d-sys, which includes dav1d...
5.9CVSS
7.6AI Score
0.0005EPSS
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of...
5.9CVSS
6AI Score
0.0005EPSS
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of...
5.9CVSS
5.8AI Score
0.0005EPSS
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of...
5.9CVSS
7.5AI Score
0.0005EPSS
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of...
5.9CVSS
5.9AI Score
0.0005EPSS
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of...
5.9CVSS
6.1AI Score
0.0005EPSS
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of...
5.9CVSS
7.8AI Score
0.0005EPSS
CVE-2024-1580 Integer overflow in VideoLAN dav1d
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of...
5.9CVSS
6.1AI Score
0.0005EPSS
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of...
5.9CVSS
7.5AI Score
0.0005EPSS
In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is...
6.4AI Score
0.0004EPSS
In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is...
6.5AI Score
0.0004EPSS
In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is...
7.1AI Score
0.0004EPSS
In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is...
6.6AI Score
0.0004EPSS
Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks
A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS). The SMS phishing messages are designed to propagate malicious links that are designed to capture...
9.8CVSS
9.5AI Score
0.074EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 5, 2024 to February 11, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 95 vulnerabilities disclosed in 65...
10CVSS
9AI Score
0.154EPSS
Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS....
6.7AI Score
The Added Value of SNI-Only Mode in Imperva Cloud WAF
Imperva has modified the default behavior for new cloud WAF sites, now enforcing Server Name Indication (SNI)-only traffic by default. This shift is aimed at optimizing the utilization of TLS-related features, both those currently in place and those slated for the future roadmap. This blog post...
7AI Score
EmbedPress < 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.9.8 due to insufficient.....
5.9AI Score
0.0004EPSS