New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East

Telecommunication service providers in the Middle East are being targeted by a previously undocumented threat actor as part of a suspected intelligence gathering mission. Cybersecurity firms SentinelOne and QGroup are tracking the activity cluster under the former's work-in-progress moniker WIP26...

firebase.com.br Cross Site Scripting vulnerability OBB-3141512

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

androidx.health:health-services-client (>=1.0.0-alpha02 <=1.0.0-alpha03), androidx.security:security-crypto (=1.0.0-rc01) +70 more potentially affected by CVE-2022-3509 via com.google.protobuf:protobuf-javalite (>=3.10.0-rc-1 <=3.15.5)

com.google.protobuf:protobuf-javalite MAVEN version =3.10.0-rc-1, =1.0.0-alpha02, =1.2.2, =1.1, =2.15.3unofficial1, =2.15.3unofficial1, =0.2.35-snapshot, =1.3.0, =21.5.0, =25.1.2 and more Source cves: CVE-2022-3509 Source advisory: OSV:GHSA-G5WW-5JH7-63CX...

This Week in Spring - December 6th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you? You know what Ive wanted to do? See my friends on the Spring team in person since the pandemic descended. And, Im overjoyed to relate, Ive just had the privilege of a nice meeting with several of them last night...

Slicer - Tool To Automate The Boring Process Of APK Recon

A tool to automate the recon process on an APK file. Slicer accepts a path to an extracted APK file and then returns all the activities, receivers, and services which are exported and have null permissions and can be externally provoked. Note : The APK has to be extracted via jadx or apktool...

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android malware strains to target users located in its southern counterpart. That's according to findings from South Korean cybersecurity company S2W, which named the malware families FastFire,...

com.google.ambient.crossdevice:crossdevice (=0.1.0-preview01), com.google.firebase:firebase-dataconnect (=16.0.0-beta01) +2 more potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-kotlin-lite (>=3.21.11 <=3.21.3)

com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.21.11, =3.21.3 is affected by a known vulnerability. The following packages have a transitive dependency on com.google.protobuf:protobuf-kotlin-lite and may be impacted: - com.google.ambient.crossdevice:crossdevice =0.1.0-preview01 -...

aat-downloader (>=0.0.1 <=0.0.3), audittracker (=0.4.0) +30 more potentially affected by CVE-2022-39227 via python-jwt (>=2.0.1 <=3.3.0)

python-jwt PYPI version =2.0.1, =0.0.1, =1.0.1, =0.1.0.2, =6.0.0a1, =0.0.3, =1.0.3, =3.0.27, =0.0.4, =1.0.0, =1.0.6, =0.0.1, =0.5.0 and more Source cves: CVE-2022-39227 Source advisory: OSV:GHSA-5P8V-58QM-C7FP...

MTN Group: Firebase credentials leak

Summary: This report is regarding the fix of 1351329. The fix is not patched fully, comments are visible to anyone and an attacker can utilize this for further attacks. Steps To Reproduce: go to : view-source:https://mpulse.mtn.ng/ search for 'Initialize Firebase' as you can see the firebase...

Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware

A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users' devices with banking malware. These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such as document scanners, QR code...

MAL-2022-143 Malicious code in @boosted-bounty/firebase-helpers-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 948a8d680d689630aad1614e4a8b58cad4c431fb2d9e87887c4055879595ae95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @boosted-bounty/firebase-helpers-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 948a8d680d689630aad1614e4a8b58cad4c431fb2d9e87887c4055879595ae95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @boosted-bounty/firebase-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a118911f03aac1a4a4258e57d888ff6d41091eb0eaa8473b1ff1fbd2db4225d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @boosted-bounty/firebase-queue (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15ca2bdb5a1428f6304b1f11c70817ec28f2d7ee836fd9dfcc1dee58d87d7a37 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in firebase-extensions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9dca7310064a3a322dfe846cb9d4281fd3cf989200ce6d90658bc18da836c71 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3048 Malicious code in firebase-extensions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9dca7310064a3a322dfe846cb9d4281fd3cf989200ce6d90658bc18da836c71 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3050 Malicious code in firebase-wiki (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e426a5067aced747a99ed17fa0412f8f0415412e1129a0dd4803e4bbb78e68cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in firebase-wiki (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e426a5067aced747a99ed17fa0412f8f0415412e1129a0dd4803e4bbb78e68cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3049 Malicious code in firebase-radar (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3bcbd61fff9e54ea05b865ebe0b71ea002f1c613bdb99d9a78557dab8fa94691 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in firebase-radar (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3bcbd61fff9e54ea05b865ebe0b71ea002f1c613bdb99d9a78557dab8fa94691 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...