Apple fixes zero-day vulnerability used in “extremely sophisticated attack”
Apple has released an emergency security update for a vulnerability which it says may have been exploited in an "extremely sophisticated attack against specific targeted individuals." The update is available for: iOS 18.3.1 and iPadOS 18.3.1 - iPhone XS and later, iPad Pro 13-inch, iPad Pro...
About the security content of watchOS 11.3.1
This document describes the security content of watchOS 11.3.1. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
CVE-2025-24200
An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely...
About the security content of macOS Ventura 13.7.4
This document describes the security content of macOS Ventura 13.7.4. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
CVE-2022-39248
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophisticated attacker...
Israeli Spyware Firm Paragon Linked to WhatsApp Zero-Click Attack
WhatsApp recently revealed a targeted spyware campaign linked to the Israeli firm Paragon, which affected 90 individuals, including...
D-Link DIR-619L B1 Buffer Overflow Vulnerability (CNVD-2024-41691)
The D-Link DIR-619L B1 is a wireless router manufactured by D-Link. A buffer overflow vulnerability exists in the D-Link DIR-619L B1 2.06 firmware. The vulnerability is caused by a buffer copy that does not check the input size, thus affecting the formSetWizardSelectMode...
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang version of the Sliver command-and-control (C2) framework within a PNG image of the project's logo. The package employing this...
Tenda W15E Stack Buffer Overflow Vulnerability
Tenda W15E is a 1200M11AC dual-band enterprise-grade wireless router with strong signal and rich features designed for small businesses and large families with multiple users connecting to the Internet. A stack buffer overflow vulnerability exists in the Tenda W15E in version 15.11.0.14. The...
Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures. The exact...
Malicious code in enumerate-iam-aws (PyPI)
Source: google-open-source-security (46f8fde812a7274ad1e270e0cc3a8698349365af5d85ee9b89248fa467e5bf2f). Attack targeted at users of Alibaba, AWS and Telegram via malicious packages published to PyPI. The malicious code was hidden in strategic...
MAL-2023-8361 Malicious code in enumerate-iam-aws (PyPI)
Source: google-open-source-security (46f8fde812a7274ad1e270e0cc3a8698349365af5d85ee9b89248fa467e5bf2f). Attack targeted at users of Alibaba, AWS and Telegram via malicious packages published to PyPI. The malicious code was hidden in strategic...
Malicious code in alisdkcore (PyPI)
Source: google-open-source-security (456242a426a17eeaca869a5f00ee2f02d837dec5bba7da9240b6bec77c0ae8a8). Attack targeted at users of Alibaba, AWS and Telegram via malicious packages published to PyPI. The malicious code was hidden in strategic...
23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews
At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data...
Watch out, this LastPass email with "Important information about your account" is a phish
The consequences of last year's LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Although the "unauthorized party" that compromised LastPass users' data was able to steal password vaults, it's likely that they are havin...
Focus on DroxiDat/SystemBC
Recently we pushed a report to our customers about an interesting and common component of the cybercrime malware set - SystemBC. And, in much the same vein as the 2021 Darkside Colonial Pipeline incident, we found a new SystemBC variant deployed to a critical infrastructure target. This time, the...
Act now! In-the-wild Zimbra vulnerability needs a workaround
Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild. In a security update about the vulnerability, the company offered a temporary workaround which users can apply while waiting for a patch to be created. Zimbra is an...
Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation
Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. "A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced," the...
Unraveling an AI Scam with AI
The last year has seen an unprecedented surge in the use of Artificial Intelligence (AI) and its deployment across a variety of industries and sectors. Unfortunately, this revolutionary technology has not just captivated the good actors – the darker corners of the internet are awash with bad actors...
IBM WebSphere Application Server Cross-Site Scripting Vulnerability (CNVD-2023-37168)
IBM WebSphere Application Server is an application server product. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM WebSphere Application Server. The vulnerability...