EUVD-2010-0255

Malware in sbrugna...

EUVD-2024-53900

Malicious code in bioql PyPI...

EUVD-2025-12179

Malicious code in bioql PyPI...

EUVD-2022-32829

Malicious code in bioql PyPI...

CVE-2021-36750

ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users across USB drives sold under multiple brand names...

CVE-2024-52925

In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives...

CVE-2024-52925

In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives...

CVE-2024-52925

In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives...

kernel: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree

A memory allocation failure was found in the exFAT filesystem driver. When system memory is fragmented, kmallocarray can fail to allocate contiguous memory for the bitmap, preventing USB drives from being mounted...

GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets

A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets. Victims included a South Asian embassy in Belarus and a European...

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue...

Attacks, Vulnerabilities and Actors 29 January to 4 February 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and six exploited...

Omron CS/CJ Series Missing Authentication For Critical Function (CVE-2022-45794)

Omron CS/CJ series programmable logic controllers are missing authentication for the file system. This could allow an attacker to access the file system via memory card or EM file memory and obtain all available sensitive information. This plugin only works with Tenable.ot. Please visit...

SUSE CVE-2023-4001

An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a fil...

Malicious USB Drives Targeting Global Targets with SOGU and SNOWYDRIVE Malware

Cyber attacks using infected USB infection drives as an initial access vector have witnessed a three-fold increase in the first half of 2023, That's according to new findings from Mandiant, which detailed two such campaigns – SOGU and SNOWYDRIVE – targeting both public and private sector entities...

Chinese Espionage Malware Targets European Healthcare via USB Drives

By Waqas The malware campaign has been attributed to the Chinese APT group Mustang Panda, also known as Camaro Dragon. This is a post from HackRead.com Read the original post: Chinese Espionage Malware Targets European Healthcare via USB Drives...

Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware

The Chinese cyber espionage actor known as Camaro Dragon has been observed leveraging a new strain of self-propagating malware that spreads through compromised USB drives. "While their primary focus has traditionally been Southeast Asian countries, this latest discovery reveals their global reach...

Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware

The Chinese cyber espionage actor known as Camaro Dragon has been observed leveraging a new strain of self-propagating malware that spreads through compromised USB drives. "While their primary focus has traditionally been Southeast Asian countries, this latest discovery reveals their global reach...

New Report Reveals Shuckworm's Long-Running Intrusions on Ukrainian Organizations

The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and...

New Analysis Reveals Raspberry Robin Can be Repurposed by Other Threat Actors

A new analysis of Raspberry Robin's attack infrastructure has revealed that it's possible for other threat actors to repurpose the infections for their own malicious activities, making it an even more potent threat. Raspberry Robin aka QNAP worm, attributed to a threat actor dubbed DEV-0856, is a...