2565 matches found

Malwarebytes
added 2023/08/21 8:45 p.m., 17 views

QR codes used to phish for Microsoft credentials

Researchers have published details about a phishing campaign that uses QR codes to phish for Microsoft credentials. A QR (Quick Response) code is a kind of two-dimensional barcode that holds encoded data in a graphical black-and-white pattern. The data that a QR code stores can include URLs, email...

7.2 AI score
Exploits 0
OSSF Malicious Packages
added 2023/08/20 7:12 a.m., 3 views

Malicious code in code-debug-codes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c78c334cc38295767013c4a8b7bd904fd09069e4b7f938183d8c247eefb27bec The OpenSSF Package Analysis project identified 'code-debug-codes' @ 9.9.9 npm as malicious. It is considered malicious because: - The package...

7.1 AI score
Exploits 0
Wired Threat Level
added 2023/08/19 1:0 p.m., 28 views

Security News This Week: US Energy Firm Targeted With Malicious QR Codes in Mass Phishing Attack

New research reveals the strategies hackers use to hide their malware distribution system, and companies are rushing to release mitigations for the “Downfall” processor vulnerability on Intel chips...

7 AI score
Exploits 0
The Hacker News
added 2023/08/19 11:22 a.m., 42 views

WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams

Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that's engineered to conduct tech support scams. The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging...

7.1 AI score
Exploits 0
Patchstack
added 2023/08/18 12:0 a.m., 5 views

WordPress Serial Codes Generator and Validator with WooCommerce Support Plugin < 2.4.15 is vulnerable to Cross Site Scripting (XSS)

Software: Serial Codes Generator and Validator with WooCommerce Support; Type: Plugin; Vulnerable versions: < 2.4.15; Fixed in: 2.4.15; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: N/A; Patch priority: Medium; CVSS severity: Medium 6.5; Developer: Claim ownership; PSID...

5.9 AI score
Exploits 0 | References 2 | Affected Software 1
RedHat Linux
added 2023/08/09 2:20 p.m., 51 views

Moderate: Red Hat Security Advisory: RHUI 4.5.0 release - Security, Bug Fixes, and Enhancements

An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.5 fixes several security and operational bugs and also adds several new features. Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly redundant framework that enables you to manage repositories and...

9.8 CVSS | 6.6 AI score | 0.0138 EPSS
Exploits 0 | References 12
Veracode
added 2023/08/06 10:3 p.m., 26 views

Out-of-bounds Write

firefox-esr is vulnerable to Out-of-bounds Write. The vulnerability occurs due to memory corruption, allowing a malicious attacker to run arbitrary code...

8.8 CVSS | 7.2 AI score | 0.00694 EPSS
Exploits 0 | References 9 | Affected Software 3
Veracode
added 2023/08/06 8:6 p.m., 16 views

Code Injection

gitlab is vulnerable to Code Injection. The vulnerability exists due to improper access restrictions, which allow an attacker to inject and execute arbitrary code in the system...

7.5 CVSS | 7.5 AI score | 0.0122 EPSS
Exploits 0 | References 4 | Affected Software 1
NVD
added 2023/08/02 1:15 p.m., 25 views

CVE-2023-26451

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users' accounts...

7.5 CVSS | 7.5 AI score | 0.00995 EPSS
Exploits 0 | References 4
Patchstack
added 2023/08/02 12:0 a.m., 24 views

WordPress Stripe Payment Gateway for WooCommerce Plugin <= 3.7.7 is vulnerable to Privilege Escalation

Software: Stripe Payment Gateway for WooCommerce; Type: Plugin; Vulnerable versions: <= 3.7.7; Fixed in: 3.7.8; OWASP Top 10: A7: Identification and Authentication Failures; Classification: Privilege Escalation; CVE: CVE-2023-3162; Patch priority: High; CVSS severity: High 9.8; Developer: Claim ownership; PSID...

9.8 CVSS | 6.5 AI score | 0.00966 EPSS
Exploits 2 | References 3 | Affected Software 1
Trellix
added 2023/07/31 12:0 a.m., 25 views

Old Loader, New Threat: Exploring XWorm RAT's Distribution and Tactics 

Old Loader, New Threat: Exploring XWorm RAT's Distribution and Tactics By Pratik Pachpor and Adarsh S · July 31, 2023 Executive Summary: In March-April 2023, we detected a malicious email campaign delivering .Net based XWorm RAT in which embedded blogspot.com URLs were used as an entry point. Thi...

7.4 AI score
Exploits 0
OSV
added 2023/07/27 9:15 p.m., 2 views

CVE-2023-33744

TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password PIN: 385521, 843646, and 592671...

9.8 CVSS | 5.8 AI score | 0.00828 EPSS
Exploits 0 | References 1
Patchstack
added 2023/07/27 12:0 a.m., 15 views

WordPress InstaWP Connect Plugin <= 0.0.9.18 is vulnerable to Broken Access Control

Software: InstaWP Connect; Type: Plugin; Vulnerable versions: <= 0.0.9.18; Fixed in: 0.0.9.19; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-3956; Patch priority: High; CVSS severity: High 9.8; Developer: InstaWP; PSID: 2b066ee4e3c0; Credits: Lana Codes; Required privilege...

9.8 CVSS | 6.8 AI score | 0.00758 EPSS
Exploits 0 | References 3 | Affected Software 1
Qualys Blog
added 2023/07/21 5:0 p.m., 64 views

Add Unique Asset Context with Custom Attributes in CSAM

There is no such thing as “too much context” when it comes to asset management. Continuous discovery and comprehensive, normalized asset data create the foundation for streamlined risk detection and response. The more reliable asset data a security team has, the better it can operationalize an...

7 AI score
Exploits 0
Patchstack
added 2023/07/18 12:0 a.m., 13 views

WordPress YARPP Plugin <= 5.30.3 is vulnerable to Cross Site Scripting (XSS)

Software: YARPP; Type: Plugin; Vulnerable versions: <= 5.30.3; Fixed in: 5.30.4; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-2433; Patch priority: Low; CVSS severity: Low 6.5; Developer: Claim ownership; PSID: a7d49568bb15; Credits: Lana Codes; Required privilege...

6.4 CVSS | 5.7 AI score | 0.00423 EPSS
Exploits 0 | References 3 | Affected Software 1
Patchstack
added 2023/07/18 12:0 a.m., 7 views

WordPress Pixel & tracking codes for Google Web stories (formerly AMP Stories) Plugin < 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software: Pixel & tracking codes for Google Web stories (formerly AMP Stories); Type: Plugin; Vulnerable versions: < 1.0.5; Fixed in: 1.0.5; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium 7.1; Developer: Claim ownership; PSID...

6.9 AI score | 0.00284 EPSS
Exploits 0 | References 3 | Affected Software 1
Patchstack
added 2023/07/18 12:0 a.m., 6 views

WordPress All in One Invite Codes Plugin < 1.1.11 is vulnerable to Cross Site Scripting (XSS)

Software: All in One Invite Codes; Type: Plugin; Vulnerable versions: < 1.1.11; Fixed in: 1.1.11; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium 7.1; Developer: Claim ownership; PSID: 070ddaecd3e9; Credits: Rafie Muhammad Patchstac...

6.8 AI score | 0.00284 EPSS
Exploits 0 | References 3 | Affected Software 1
Patchstack
added 2023/07/18 12:0 a.m., 6 views

WordPress CodeKit – Custom Codes Editor Plugin < 2.3.6 is vulnerable to Cross Site Scripting (XSS)

Software: CodeKit – Custom Codes Editor; Type: Plugin; Vulnerable versions: < 2.3.6; Fixed in: 2.3.6; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium 7.1; Developer: Claim ownership; PSID: fe5c4dee3953; Credits: Rafie Muhammad...

6.2 AI score | 0.00284 EPSS
Exploits 0 | References 3 | Affected Software 1
Talos Blog
added 2023/07/13 6:0 p.m., 27 views

QR codes are relevant again for everyone from diners to threat actors

Welcome to this week's edition of the Threat Source newsletter. Although we can probably largely consider the COVID-19 pandemic "over," many relics from the peak of lockdown and concerns over the virus are still around in mid-2023. It's still impossible to get a doctor's appointment quickly, but man...

6.6 AI score
Exploits 0
Veracode
added 2023/07/13 9:16 a.m., 16 views

NULL Pointer Dereference

libpano13.so is vulnerable to NULL Pointer Dereference. The vulnerability exists in the panoParserFindOLine function at parser.c which allows an attacker to execute arbitrary codes via a crafted file which can cause the application to crash...

6.5 CVSS | 7.3 AI score | 0.00481 EPSS
Exploits 1 | References 4 | Affected Software 1