2172 matches found

The Hacker News
added 2024/03/21 12:48 p.m., 73 views

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials

Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs...

9.8 CVSS, 8 AI score, 0.94391 EPSS
Exploits: 172

The Hacker News
added 2024/03/18 12:58 p.m., 49 views

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a...

9.8 CVSS, 9 AI score, 0.82216 EPSS
Exploits: 4

GithubExploit
added 2024/03/15 1:1 p.m., 567 views

Exploit for Unrestricted Upload of File with Dangerous Type in Openeclass

Open eClass RCE Exploit Tool. This tool is designed to exploit...

9.1 CVSS, 9.8 AI score, 0.02162 EPSS
Exploits: 2

NVD
added 2024/03/13 3:15 p.m., 17 views

CVE-2024-25153

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially craft...

9.8 CVSS, 9.6 AI score, 0.82216 EPSS
Exploits: 4, References: 3

Cvelist
added 2024/03/13 2:10 p.m., 18 views

CVE-2024-25153 Remote Code Execution in FileCatalyst Workflow 5.x prior to 5.1.6 Build 114

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially craft...

9.8 CVSS, 9.7 AI score, 0.82216 EPSS
Exploits: 4, References: 2

Vulnrichment
added 2024/03/13 2:10 p.m., 20 views

CVE-2024-25153 Remote Code Execution in FileCatalyst Workflow 5.x prior to 5.1.6 Build 114

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially craft...

9.8 CVSS, 7.3 AI score, 0.82216 EPSS
Exploits: 4, References: 2

Talos Blog
added 2024/02/22 1:0 p.m., 16 views

TinyTurla-NG in-depth tooling and command and control analysis

Cisco Talos, in cooperation with CERT.NGO, has discovered new malicious components used by the Turla APT. New findings from Talos illustrate the inner workings of the command and control (C2) scripts deployed on the compromised WordPress servers utilized in the compromise we previously disclosed...

7.8 AI score
Exploits: 0

GithubExploit
added 2024/02/14 1:5 p.m., 602 views

Exploit for Injection in Vm2_Project Vm2

CVE-2023-30547 Vulnerability de...

10 CVSS, 9.8 AI score, 0.83683 EPSS
Exploits: 5

The Hacker News
added 2024/02/13 7:3 a.m., 65 views

Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures

Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That's according to findings from Orange Cyberdefense, which said it observed the exploitation of...

9.1 CVSS, 7.4 AI score, 0.94412 EPSS
Exploits: 26

NVD
added 2024/02/02 1:15 p.m., 13 views

CVE-2023-6675

Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server. This issue affects CyberMath: from v.1.4 before v.1.5...

9.8 CVSS, 9.4 AI score, 0.00093 EPSS
Exploits: 0, References: 2

OSV
added 2024/02/02 1:15 p.m., 1 views

CVE-2023-6675

Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server. This issue affects CyberMath: from v.1.4 before v.1.5...

9.8 CVSS, 5.8 AI score, 0.00093 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 2024/02/02 1:15 p.m., 1 views

CVE-2023-6675

Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server. This issue affects CyberMath: from v.1.4 before v.1.5...

9.8 CVSS, 7.3 AI score, 0.00093 EPSS
Exploits: 0, References: 3, Affected Software: 1

Prion
added 2024/02/02 1:15 p.m., 13 views

Unrestricted file upload

Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server. This issue affects CyberMath: from v.1.4 before v.1.5...

7.5 CVSS, 7.1 AI score, 0.00093 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2024/02/02 12:57 p.m., 11 views

CVE-2023-6675 Malicious File Upload in National Keep's CyberMath

Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server. This issue affects CyberMath: from v.1.4 before v.1.5...

9.8 CVSS, 9.5 AI score, 0.00093 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2024/02/02 12:57 p.m., 6 views

CVE-2023-6675 Malicious File Upload in National Keep's CyberMath

Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server. This issue affects CyberMath: from v.1.4 before v.1.5...

9.8 CVSS, 7.3 AI score, 0.00093 EPSS
Exploits: 0, References: 2

CVE
added 2024/02/02 12:57 p.m., 41 views

CVE-2023-6675

CVE-2023-6675 affects National Keep CyberMath. The issue is an Unrestricted Upload of a File with a Dangerous Type in CyberMath versions 1.4 and earlier (pre-1.5), enabling an attacker to upload a web shell to the web server. The root cause is an improper validation of uploaded file types, allowi...

9.8 CVSS, 7.3 AI score, 0.00093 EPSS
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 2024/02/02 12:0 a.m., 2 views

PT-2024-15044

Name of the Vulnerable Software and Affected Versions: CyberMath versions 1.4 through 1.4. Description: The issue allows an unrestricted upload of a file with a dangerous type, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the server...

9.8 CVSS, 7.2 AI score, 0.00093 EPSS
Exploits: 0, References: 8

CNNVD
added 2024/02/02 12:0 a.m., 2 views

National Keep CyberMath Code Issue Vulnerability

National Keep CyberMath is a cybersecurity risk analysis tool for organizations from National Keep. A code issue vulnerability exists in National Keep CyberMath versions v1.4 through v1.5 that stems from the presence of an unrestricted upload of a dangerous type of file that allows a Web Shell to...

9.8 CVSS, 7.1 AI score, 0.00093 EPSS
Exploits: 0, References: 3

The Hacker News
added 2024/01/31 12:21 p.m., 41 views

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware

Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. "This messaging app has transformed into a bustling hub where...

6.3 AI score
Exploits: 0

BDU FSTEC
added 2024/01/30 12:0 a.m., 0 views

The vulnerability in the built-in command-line interface (CLI) of the Jenkins automation server allows an attacker to execute a CSWSH attack.

The vulnerability in the built-in command-line interface (CLI) of the Jenkins automation server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute a CSWSH attack remotely...

10 CVSS, 0.36867 EPSS
Exploits: 1, References: 4, Affected Software: 2