MAL-2022-209 Malicious code in @dropbox/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b81c53309606cb531509675ff55dd3d9c2b9cd5518165c5de27bd89989205c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Dropbox: Abuse cookie-modification, toast HTML and expired domain in CSP-form-action replacing login-page at www.dropbox.com/login to submit creds externally

The report demonstrates a method of stealing user credentials by exploiting a permissive domain name check in combination with an outdated dropbox URL in the content-security-poilcy. A fix for the issue has been released and it was applied for existing users through an automatic update. An attack...

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...

Moodle Allows Unauthenticated Dropbox Access

The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout...

GHSA-MPJX-8PHJ-5M34 Moodle Allows Unauthenticated Dropbox Access

The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout...

Mustang Panda targets European diplomats using enhanced PlugX backdoor

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Mustang Panda, a Chinese cyberespionage group, has been targeting European diplomats with a revised version of the PlugX backdoor in an ongoing campaign linked to the ongoing conflict in Ukraine. The group, also known as...

CVE-2022-26181

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligneddealloc:src/lepton/bitops.cc:108...

CVE-2022-26181

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligneddealloc:src/lepton/bitops.cc:108...

CVE-2022-26181

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligneddealloc:src/lepton/bitops.cc:108...

Heap overflow

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligneddealloc:src/lepton/bitops.cc:108...

CVE-2022-26181

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligneddealloc:src/lepton/bitops.cc:108...

UBUNTU-CVE-2022-26181

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligneddealloc:src/lepton/bitops.cc:108...

CVE-2022-26181

CVE-2022-26181 affects Dropbox Lepton, specifically v1.2.1-185-g2a08b77, with a heap-based buffer overflow in the function aligned_dealloc() at src/lepton/bitops.cc:108. The incident is documented across multiple sources (NVD, OSV, Red Hat, Ubuntu and others) and is characterized by a heap-buffer...

CVE-2022-26181

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligneddealloc:src/lepton/bitops.cc:108...

Dropbox Lepton 缓冲区错误漏洞

Dropbox Lepton is a set of tools for lossless compression of JPEG format files. A security vulnerability exists in Dropbox Lepton v1.2.1-185-g2a08b77, which stems from a heap buffer overflow contained in the function aligneddealloc:src/lepton/bitops.cc:108...

Threat Campaign by Molerats uses NimbleMamba Malware to target Middle East

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here An APT group Molerats associated with Gaza has launched a new threat campaign using a malware NimbleMamba aimed at Middle Eastern governments, foreign policy think tanks, and even a state-owned airline. The current attack was...

Palestine-Aligned Hackers Use New NimbleMamba Implant in Recent Attacks

An advanced persistent threat APT hacking group operating with motives that likely align with Palestine has embarked on a new campaign that takes advantage of a previously undocumented implant called NimbleMamba. The intrusions leveraged a sophisticated attack chain targeting Middle Eastern...

Dropbox: Exfiltrate GDrive access token using CSRF

The report demonstrates a method of redirecting Google Drive OAuth tokens from Dropbox. A fix for the issue has been released and it was applied for existing users through an automatic update. An attacker could exploit this vulnerability by getting a user to visit a specially-crafted link that se...

MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists

Malicious files doctored up to look like legitimate content related to the Israeli-Palestine conflict are being used to target prominent Palestinians, as well as activists and journalists in Turkey, with spyware. That’s according to a disclosure from Zscaler, which attributes the cyberattacks to...

Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure

An active espionage campaign has been attributed to the threat actor known as Molerats that abuses legitimate cloud services like Google Drive and Dropbox to host malware payloads and for command-and-control and the exfiltration of data from targets across the Middle East. The cyber offensive is...