GHSA-WP73-MWGF-4JQ9 OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent

Summary OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. Details...

PT-2026-41782

Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description The replacement ELF parser trusts section offsets, counts, and string offsets from executable files. A crafted local ELF file can cause the agent to dereference invalid...

The Impact of Event Data Partitioning on Privacy-Aware Process Discovery

Information systems support the execution of business processes. The event logs of these executions generally contain sensitive information about customers, patients, and employees. The corresponding privacy challenges can be addressed by anonymizing the event logs while still retaining utility f...

A Bag of RATs: VenomRAT vs. AsyncRAT

Introduction Remote access tools RATs have long been a favorite tool for cyber attackers, since they enable remote control over compromised systems and facilitate data theft, espionage, and continuous monitoring of victims. Among the well-known RATs are VenomRAT and AsyncRAT. These are open-sourc...

Mustang Panda targets European diplomats using enhanced PlugX backdoor

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Mustang Panda, a Chinese cyberespionage group, has been targeting European diplomats with a revised version of the PlugX backdoor in an ongoing campaign linked to the ongoing conflict in Ukraine. The group, also known as...

Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables

THREAT LEVEL: Red. United States Cyber Command USCYBERCOM has warned of an ongoing cyber attack by Iranian state sponsored actor named as MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...

2019: Looking Back at Malware

In 2019, attacker behavior evolved, becoming more evasive. The most common behaviors seen across all attack data—mapped to the MITRE ATT&CK™ Framework—were: Software Packing for Defense Evasion, Hidden Windows for Defense Evasion, Standard Application Layer Protocol for Command and Control C2,...

CVE-2018-3100

Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware subcomponent: Process Analysis & Discovery. Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows...