5831 matches found

The Hacker News
added 2024/08/15 5:12 a.m. · 31 views

New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining

Cybersecurity researchers have discovered a new variant of the Gafgyt botnet that's targeting machines with weak SSH passwords to ultimately mine cryptocurrency on compromised instances using their GPU computational power. This indicates that the "IoT botnet is targeting more robust servers runni...

AI score: 7.8 · Exploits: 0
Vulnrichment
added 2024/08/15 2:30 a.m. · 26 views

CVE-2024-7628 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.2 - Authentication Bypass to Account Takeover

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.15.2. This is due to the use of loose comparison in the 'verifyidtoken' function. This makes it possible for unauthenticated attackers to...

CVSS: 8.1 · AI score: 7.1 · EPSS: 0.00658
Exploits: 0 · References: 5
Qualys Blog
added 2024/08/14 10:50 p.m. · 21 views

Our Takeaways From 2024 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP): Insights and Market Evolution

Are your cloud-native applications and multi-cloud infrastructure adequately protected against evolving threats? How confident are you in your current security measures for cloud workloads and containerized environments? The recent Gartner Market Guide for Cloud-Native Application Protection...

AI score: 7.2 · Exploits: 0
Pen Test Partners Blog
added 2024/08/12 5:03 a.m. · 13 views

Living off the land with Bluetooth PAN

TL;DR Bluetooth is enabled by default on the majority of Windows laptops. Bluetooth PAN can be used to bridge connections locally between a client laptop and attacking device. Attackers can use Microsoft native SSH client to forward out internal network traffic. Windows native SSH is accessible to...

AI score: 7.7 · Exploits: 0
OSSF Malicious Packages
added 2024/08/06 3:25 p.m. · 2 views

Malicious code in @taxify/eslint-config-react-native (npm)

Source: ossf-package-analysis 5cff605dafce45695b36c5a3ca744b5187bab414e45e390d8e4ac966f6088573. The OpenSSF Package Analysis project identified '@taxify/eslint-config-react-native' @ 9.999.0 (npm) as malicious. It is considered malicious...

AI score: 7.1 · Exploits: 0
OSV
added 2024/08/06 3:25 p.m. · 9 views

MAL-2024-7898 Malicious code in @taxify/eslint-config-react-native (npm)

Source: ossf-package-analysis 5cff605dafce45695b36c5a3ca744b5187bab414e45e390d8e4ac966f6088573. The OpenSSF Package Analysis project identified '@taxify/eslint-config-react-native' @ 9.999.0 (npm) as malicious. It is considered malicious...

AI score: 7.3 · Exploits: 0
RedHat Linux
added 2024/08/06 1:51 p.m. · 23 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.1 release and security update

An update is now available for Red Hat JBoss Web Server 5.8 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS: 8.6 · AI score: 6.8 · EPSS: 0.04602
Exploits: 0 · References: 4
RedHat Linux
added 2024/08/06 10:49 a.m. · 36 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.1 release and security update

Red Hat JBoss Web Server 5.8.1 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CV...

CVSS: 8.6 · AI score: 6.8 · EPSS: 0.04602
Exploits: 0 · References: 4
Tenable Nessus
added 2024/08/06 12:00 a.m. · 29 views

RHEL 7 / 8 / 9 : Red Hat JBoss Web Server 5.8.1 (RHSA-2024:5024)

The remote Red Hat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5024 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of...

CVSS: 8.6 · AI score: 7.5 · EPSS: 0.04602
Exploits: 0 · References: 7
Github Security Blog
added 2024/08/05 9:29 p.m. · 24 views

Meshery SQL Injection vulnerability

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

CVSS: 8.1 · AI score: 7.4 · EPSS: 0.01552
Exploits: 1 · References: 7 · Affected Software: 1
OSV
added 2024/08/01 4:15 p.m. · 2 views

UBUNTU-CVE-2024-6873

It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time o...

CVSS: 8.1 · AI score: 6.3 · EPSS: 0.00721
Exploits: 0 · References: 3
Positive Technologies
added 2024/08/01 12:00 a.m. · 3 views

PT-2024-37919 · Unknown +1 · Clickhouse

Name of the Vulnerable Software and Affected Versions: ClickHouse versions prior to the latest supported version
Description: It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the...

CVSS: 8.1 · AI score: 8 · EPSS: 0.00721
Exploits: 0 · References: 14
Tenable Nessus
added 2024/08/01 12:00 a.m. · 31 views

Fedora 40 : xen (2024-169a1cc589)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-169a1cc589 advisory.
- double unlock in x86 guest IRQ handling (XSA-458, CVE-2024-31143)
- x86: Native Branch History Injection (XSA-456 version 3, CVE-2024-2201)
Tenable has...

CVSS: 7.5 · AI score: 7.3 · EPSS: 0.08555
Exploits: 0 · References: 3
Tenable Nessus
added 2024/08/01 12:00 a.m. · 25 views

Fedora 39 : xen (2024-58c950d8d8)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-58c950d8d8 advisory.
- x86: Native Branch History Injection (XSA-456 version 3, CVE-2024-2201)
- double unlock in x86 guest IRQ handling (XSA-458, CVE-2024-31143)
Tenable has...

CVSS: 7.5 · AI score: 7.3 · EPSS: 0.08555
Exploits: 0 · References: 3
ClickHouse
added 2024/08/01 12:00 a.m. · 13 views

CVE-2024-6873

It is possible to redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time of...

CVSS: 8.1 · AI score: 6 · EPSS: 0.00721
Exploits: 0
Wiz blog
added 2024/07/30 1:49 p.m. · 6 views

Understanding the Gartner® Market Guide for Cloud-Native Application Protection Platforms

How the market is evolving and why now, more than ever, you need a CNAPP...

AI score: 7.2 · Exploits: 0
Vulnrichment
added 2024/07/20 7:46 a.m. · 13 views

CVE-2024-38680 WordPress Appmaker plugin <= 1.36.12 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting', XSS) vulnerability in Appmaker Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps allows Reflected XSS. This issue affects Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps: from n...

CVSS: 7.1 · AI score: 6.9 · EPSS: 0.00334
Exploits: 0 · References: 1
NVD
added 2024/07/17 6:15 p.m. · 15 views

CVE-2024-40636

Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service UR...

CVSS: 5.3 · EPSS: 0.00414
Exploits: 0 · References: 1
Filippo.io
added 2024/07/17 2:39 p.m. · 14 views

age Plugins

age is a file encryption tool, library, and format. It lets you encrypt files to “recipients” and decrypt them with “identities”.
$ age-keygen -o key.txt
Public key: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p
$ tar cvz /data | age -r...

AI score: 7.1 · Exploits: 0
Tenable Nessus
added 2024/07/17 12:00 a.m. · 35 views

SUSE SLES15 Security Update : xen (SUSE-SU-2024:2533-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2533-1 advisory.
- CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc1222453)
- CVE-2024-31143: Fixed double unlock in x86...

CVSS: 7.5 · AI score: 7.3 · EPSS: 0.08555
Exploits: 0 · References: 7