
7648 matches found

The Hacker News
added 2023/05/25 1:39 p.m., 98 views

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. According to a new report from Fortinet FortiGuard Labs, the...

AI score 7.6
Exploits: 0

The Hacker News
added 2023/05/25 10:40 a.m., 280 views

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code

The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. "While the group doesn't develop its own ransomware, it does utilize what appears to be one custom-developed tool,...

CVSS 9.8, AI score 9.9, EPSS 0.99999
Exploits: 44

Packet Storm
added 2023/05/24 12:00 a.m., 363 views

Cameleon CMS 2.7.4 Cross Site Scripting

Exploit Title: Authenticated Persistent XSS in Cameleon CMS 2.7.4 Google Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system CMS based on Ruby on Rails" Date: 2023-10-05 Exploit Author: Yasin Gergin Vendor Homepage: http://camaleon.tuzitio.com Softwar...

AI score 7.1
Exploits: 0

RedHat Linux
added 2023/05/23 9:17 a.m., 50 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) bas...

CVSS 8.1, AI score 6.8, EPSS 0.14663
Exploits: 2, References: 24

Exploit DB
added 2023/05/23 12:00 a.m., 231 views

Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title

Exploit Title: Authenticated Persistent XSS in Cameleon CMS 2.7.4 Google Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system CMS based on Ruby on Rails" Date: 2023-10-05 Exploit Author: Yasin Gergin Vendor Homepage: http://camaleon.tuzitio.com Softwar...

AI score 7.4
Exploits: 0

0day.today
added 2023/05/23 12:00 a.m., 245 views

Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title Vulnerability

Exploit Title: Authenticated Persistent XSS in Cameleon CMS 2.7.4 Google Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system CMS based on Ruby on Rails" Exploit Author: Yasin Gergin Vendor Homepage: http://camaleon.tuzitio.com Software Link:...

AI score 7.1
Exploits: 0

Malwarebytes
added 2023/05/18 2:00 p.m., 18 views

APT attacks: Exploring Advanced Persistent Threats and their evasive techniques

Cyber criminals come in all shapes and sizes. On one end of the spectrum, there's the script kiddie or inexperienced ransomware gang looking to make a quick buck. On the other end are state-sponsored groups using far more sophisticated tactics--often with long-term, strategic goals in mind. Advanc...

AI score 7.6
Exploits: 0

NVD
added 2023/05/17 12:15 a.m., 16 views

CVE-2023-30452

The MoroSystems EasyMind - Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter...

CVSS 5.4, AI score 5.3, EPSS 0.00337
Exploits: 0, References: 2

Prion
added 2023/05/17 12:15 a.m., 16 views

Cross site scripting

The MoroSystems EasyMind - Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter...

CVSS 4.9, AI score 5.3, EPSS 0.00337
Exploits: 0, References: 2, Affected Software: 1

The Hacker News
added 2023/05/16 2:45 p.m., 60 views

China's Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks

The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks aimed at European foreign affairs entities since January 2023. An analysis of these intrusions, per Check Point researchers Itay Cohen and Radoslaw Madej, has revealed a custom...

AI score 7.5
Exploits: 0

Cvelist
added 2023/05/16 12:00 a.m., 15 views

CVE-2023-30452

The MoroSystems EasyMind - Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter...

AI score 5.5, EPSS 0.00337
Exploits: 0, References: 2

CVE
added 2023/05/16 12:00 a.m., 52 views

CVE-2023-30452

The CVE-2023-30452 entry concerns MoroSystems EasyMind - Mind Maps plugin for Confluence (versions prior to 2.15.0). The vulnerability is a persistent XSS flaw that occurs when saving a Mind Map with the hyperlink parameter. The base metrics indicate a Medium impact (CVSS 3.1: AV:N/AC:L/PR:L/UI:R...

CVSS 5.4, AI score 5.3, EPSS 0.00337
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2023/05/16 12:00 a.m., 6 views

CVE-2023-30452

The MoroSystems EasyMind - Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter...

AI score 5.3, EPSS 0.00337
Exploits: 0, References: 2

CNNVD
added 2023/05/16 12:00 a.m., 4 views

Jenkins HashiCorp Vault Plugin Log Information Disclosure Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

CVSS 7.5, AI score 7.3, EPSS 0.00601
Exploits: 0, References: 4

Prion
added 2023/05/15 10:15 p.m., 21 views

Design/Logic Flaw

In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11 Android-1...

CVSS 1.7, AI score 5.3, EPSS 0.00096
Exploits: 0, References: 1, Affected Software: 1

The Hacker News
added 2023/05/12 1:24 p.m., 67 views

New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows

A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week. "BPFDoor retains its reputation as an extremely stealthy and difficult-to-detect malware with...

AI score 7.5, EPSS 0.03546
Exploits: 0

OSV
added 2023/05/11 8:32 p.m., 18 views

GHSA-M974-XJ4J-7QV5 Boxo bitswap/server: DOS unbounded persistent memory leak

Impact: An attacker is able to allocate arbitrarily many bytes in the Bitswap server by sending many WANTBLOCK and/or WANTHAVE requests which are queued in an unbounded queue, with allocations that persist even if the connection is closed. This affects users accepting untrusted connections with the...

CVSS 8.2, AI score 7.7, EPSS 0.00856
Exploits: 0, References: 7

The Hacker News
added 2023/05/11 2:45 p.m., 2 views

New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe

A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020. "Military, transportation, and critical infrastructure were some of the entities being targeted, as well as some involved in the September East Ukraine...

AI score 6.6
Exploits: 0

OSSF Malicious Packages
added 2023/05/10 1:24 p.m., 4 views

Malicious code in becoming-the-narcissists-nightmare-how-to-devalue-and-discard-the-narcissist-while-supplying-yoursel (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2208fd1d29f35f1fe83fe7c0a7a30f398ce914f799fed6a37b0e1eef3bf74dd2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 1

OSSF Malicious Packages
added 2023/05/10 1:24 p.m., 2 views

Malicious code in dow-load-becoming-the-narcissists-nightmare-how-to-devalue-and-discard-the-narcissist-whil (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92cf782e425254e89048eca9c2e7b572c71ee3d117f3f3067078d5dbf33bbcdc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 1