[SECURITY] Fedora 41 Update: open62541-1.4.13-1.fc41

open62541 is a C-based library linking with C++ projects is possible with all necessary tools to implement dedicated OPC UA clients and servers, or to integrate OPC UA-based communication into existing applications...

CVE-2024-53982 Arbitrary file download in Zoo-Project Echo Example

ZOO-Project is a C-based WPS Web Processing Service implementation. A path traversal vulnerability was discovered in Zoo-Project Echo example. The Echo example available by default in Zoo installs implements file caching, which can be controlled by user-given parameters. No input validation is...

re2c: Denial of Service

Background re2c is a tool for generating C-based recognizers from regular expressions. Description Please review the CVE identifier referenced below for details. Impact Please review the CVE identifier referenced below for details. Workaround There is no known workaround at this time. Resolution...

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber aka C3RB3R ransomware. The attacks leverage CVE-2023-22518 CVSS score: 9.1, a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated...

Xeno RAT Open-Source Trojan Sparks Alarm

Summary: The Xeno RAT, a remote access trojan RAT available on GitHub, has gained attention in the threat landscape due to its open-source nature. This C-based malware is compatible with both Windows 10 and 11, specifically targeting consumers by presenting itself as disguised binaries that...

Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals

Threat actors operating under the name Anonymous Arabic have released a remote access trojan RAT called Silver RAT that's equipped to bypass security software and stealthily launch hidden applications. "The developers operate on multiple hacker forums and social media platforms, showcasing an...

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

The open-source remote access trojan known as Quasar RAT has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This technique capitalizes on the inherent trust these files command within the Windows environment," Uptycs...

BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground

Cybersecurity experts have discovered yet another malware-as-a-service MaaS threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credential...

[SECURITY] Fedora 37 Update: libyang-2.1.55-1.fc37

Libyang is YANG data modeling language parser and toolkit written and providing API in C...

[SECURITY] Fedora 37 Update: open62541-1.2.6-1.fc37

open62541 is a C-based library linking with C++ projects is possible with all necessary tools to implement dedicated OPC UA clients and servers, or to integrate OPC UA-based communication into existing applications...

Italian Users Warned of Malware Attack Targeting Sensitive Information

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto...

Researchers Find Link b/w PrivateLoader and Ruzki Pay-Per-Install Services

Cybersecurity researchers have exposed new connections between a widely used pay-per-install PPI malware service known as PrivateLoader and another PPI platform offered by a cybercriminal actor dubbed ruzki. "The threat actor ruzki aka les0k, zhigalsz advertises their PPI service on underground...

North Korean Hackers Deploying New MagicRAT Malware in Targeted Campaigns

The prolific North Korean nation-state actor known as the Lazarus Group has been linked to a new remote access trojan called MagicRAT. The previously unknown piece of malware is said to have been deployed in victim networks that had been initially breached via successful exploitation of...

re2c: Buffer overflow

Background re2c is a tool for generating C-based recognizers from regular expressions. Description A heap buffer overflow vulnerability was discovered in re2c. Impact An attacker could possibly cause a Denial of Service condition. Workaround There is no known workaround at this time. Resolution A...

Raptor Web Application Firewall

Raptor Web Application Firewall Raptor Web Application Firewall is a simple web application firewall made in C, using KISS principle , to make poll use select function, is not better than epoll or kqueue from BSD but is portable, the core of match engine using DFA to detect XSS, SQLi and path...

DIY Web Proxy: proxenet

proxenet is a multi-threaded proxy which allows you to manipulate your HTTP requests and responses using your favorite scripting language. No need to learn Java like for Burp or Python like for mitmproxy . proxenet supports heaps of languages and more can be added easily. proxenet is a C-based...