More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader
The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation. This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using...
A vulnerability in the firmware of TP-Link Archer C7 Wi-Fi routers, caused by missing authentication for a critical function, allows attackers to gain unauthorized access to protected information.
The vulnerability in the firmware of TP-Link Archer C7 Wi-Fi routers is related to missing authentication for a critical function during the loading of the l00.xml page. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...
Malicious code in shopee-ui-automatic-import-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e30109d0ce569668c54f7d030ae4d33fd3858572a05996c3a53877d48629ef8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11094 Malicious code in shopee-ui-automatic-import-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e30109d0ce569668c54f7d030ae4d33fd3858572a05996c3a53877d48629ef8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
USN-7129-1: TinyGLTF vulnerability
It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code...
edk2: Integer overflows in PeCoffLoaderRelocateImage
A flaw was found in the EDK2 package. This flaw allows an attacker to cause memory corruption due to an overflow via an adjacent network. This issue may lead to loss of confidentiality, integrity, and availability...
A vulnerability in the GRUB2 operating system loader, related to incorrect default permissions, allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability in the GRUB2 operating system loader is related to incorrect default permissions. Exploiting this vulnerability can allow attackers to circumvent security restrictions and gain unauthorized access to protected information...
WordPress CM Header & Footer Script Loader plugin <= 1.2.1 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin CM Header and Footer versions <= 1.2.1...
WordPress CM Header & Footer Script Loader Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software: CM Header & Footer Script Loader. Type: Plugin. Vulnerable versions: <= 1.2.1. Fixed in: 1.2.2. OWASP Top 10: A7: Cross-Site Scripting (XSS). Classification: Cross Site Scripting (XSS). CVE: CVE-2024-11202. Patch priority: Medium. CVSS severity: Medium (7.1). Developer Claim ownership PSID 36d111d1460e Credits...
Astra Linux – Vulnerability in Chromium
Use after free in the Loader component in Google Chrome before version 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst
Posted by Ivan Fratric, Google Project Zero. Recently, one of the projects I was involved in had to do with video decoding on Apple platforms, specifically AV1 decoding. On Apple devices that support AV1 video format (starting from Apple A17 iOS / M3 macOS), decoding is done in hardware. However,...
kernel security update
5.14.0-503.14.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
A vulnerability in the efi/capsule-loader component of the Linux kernel allows an attacker to cause a denial of service.
The vulnerability in the efi/capsule-loader component of the Linux kernel is related to memory corruption in the efi_capsule_open function. Exploiting this vulnerability can allow an attacker to cause a denial of service...
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms, that is designed...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059). CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Fedora 37 : php-twig2 (2022-73b9fb7a77)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-73b9fb7a77 advisory. Version 2.15.3 (2022-09-28): Fix a security issue on filesystem loader (possibility to load a template outside a configured directory). Tenable has extracted the...
A vulnerability in the NTFS driver of the GRUB operating system loader, related to reading memory beyond the buffer boundaries, allows an attacker to read the contents of RAM.
The vulnerability in the NTFS driver of the GRUB operating system loader involves reading memory beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to read the contents of RAM...
Fedora 37 : php-twig (2022-c6fe3ebd94)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-c6fe3ebd94 advisory. Version 1.44.7 (2022-09-28): Fix a security issue on filesystem loader (possibility to load a template outside a configured directory). Tenable has extracted the...